/

How Do You Verify Password Encoding for Users and Customers in Hybris Commerce?

How To

Hybris Commerce's default encoding strategy is plain text. Obviously, this encoding strategy is not safe, and must be changed before going live with your Hybris implementation. To verify the encoding strategy has been changed from plain text, you should run the following FlexibleSearch query in HAC or backoffice:

select {uid},{password},{encodedPassword}, {passwordEncoding} from {user} where {passwordEncoding} != 'md5' or {passwordEncoding} != 'sha256' or {passwordEncoding} != 'sha512' or {passwordEncoding} != 'pbkdf2'

Marc Raygoza

Marc is the Founder of HybrisArchitect.com.
He enjoys helping others learn more about SAP Commerce Cloud (Hybris). Marc is a SAP Commerce Certified Professional and has held the role of SAP Commerce Cloud Architect at Deloitte, PwC, Brillio (a Bain Company), and Nasty Gal. Marc holds an M.S. Software Engineering from Carnegie Mellon University and a B.S. in Accountancy from California State University, Fresno. He can be reached at: mraygoza@hybrisarchitect.com

You may also like...

How to Update Hybris Commerce Content Without Using SmartEdit, WCMS or Impex Files?

How to Configure the Order Number Range in SAP Hybris Commerce Using Groovy

How Do You Allocate Additional Storage to a Red Hat Enterprise Linux Server (RHEL) Volume Group?

How Do You Install the Hybris Commerce Suite License?

Popular Posts

SAP Commerce Project Team – RACI Matrix PowerPoint File

What Is A Dedicated Catalog Import Server In The Hybris Commerce Architecture?

Use Lower Latency Network Interfaces

How to determine which cron jobs are running using SQL?