Previous Topic: Administer Passwords

Next Topic: Encrypt Passwords Stored in the Directory

How Password Encryption Works

When users add a password to their account, the following happens:

  1. A user binds to a DSA.
  2. The user adds a password to his or her user account.
  3. The DSA encrypts the password, and then stores the encrypted password in the userPassword attribute.

    The encrypted password includes the name of the encryption scheme.

By default, DSAs use SHA-1 to encrypt passwords, but you can change to a different scheme if you prefer.


Copyright © 2009 CA. All rights reserved. Email CA about this topic