How Do You Verify Password Encoding for Users and Customers in Hybris Commerce?

Hybris Commerce's default encoding strategy is plain text. Obviously, this encoding strategy is not safe, and must be changed before going live with your Hybris implementation. To verify the encoding strategy has been changed from plain text, you should run the following FlexibleSearch query in HAC or backoffice:

select {uid}, {password}, {encodedPassword}, {passwordEncoding} from {user} where {passwordEncoding} not in ('md5', 'sha256', 'sha512', 'pbkdf2')
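Added example, not from the original post: the approved-encoding filter written two ways, `!=` conditions joined with `or` versus `not in`, plus the NULL case, run as plain SQL on an in-memory SQLite table standing in for FlexibleSearch. The table, the sample users, the `plain` value and the possibility of a NULL `passwordEncoding` are assumptions made for the demonstration.

```python
import sqlite3

APPROVED = ("md5", "sha256", "sha512", "pbkdf2")  # encodings named in the post

# Constructed sample rows (uid, passwordEncoding); not real Hybris data.
SAMPLE_USERS = [
    ("alice", "pbkdf2"),
    ("bob", "sha512"),
    ("carol", "md5"),
    ("dave", "plain"),  # constructed value standing in for a plain-text encoding
    ("erin", None),     # no encoding recorded (assumed possible)
]

# A value equals at most one literal, so "!= a OR != b ..." is true for
# every non-NULL row and flags hashed users too.
OR_CHAIN = " OR ".join(["passwordEncoding != ?"] * len(APPROVED))
# NOT IN flags only values outside the approved list; a NULL compares as
# unknown and is silently skipped.
NOT_IN = "passwordEncoding NOT IN (?, ?, ?, ?)"
# Adding IS NULL also surfaces rows with no encoding recorded.
NOT_IN_OR_NULL = NOT_IN + " OR passwordEncoding IS NULL"


def build_db(rows):
    """Create an in-memory table holding the sample users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (uid TEXT PRIMARY KEY, passwordEncoding TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", rows)
    return db


def flagged(db, where):
    """Return the uids matched by a WHERE clause, approved list bound as parameters."""
    sql = f"SELECT uid FROM users WHERE {where} ORDER BY uid"
    return [row[0] for row in db.execute(sql, APPROVED)]


def audit(rows=SAMPLE_USERS):
    """Run all three filters over the same rows and return what each flags."""
    db = build_db(rows)
    return {
        "or_chain": flagged(db, OR_CHAIN),
        "not_in": flagged(db, NOT_IN),
        "not_in_or_null": flagged(db, NOT_IN_OR_NULL),
    }


if __name__ == "__main__":
    for name, users in audit().items():
        print(f"{name:15} {users}")
```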

Marc Raygoza

Marc is the Founder of HybrisArchitect.com.
He enjoys helping others learn more about SAP Commerce Cloud (Hybris). Marc is a SAP Commerce Certified Professional and has held the role of SAP Commerce Cloud Architect at Deloitte, PwC, Brillio (a Bain Company), and Nasty Gal. Marc holds an M.S. Software Engineering from Carnegie Mellon University and a B.S. in Accountancy from California State University, Fresno. He can be reached at: mraygoza@hybrisarchitect.com
