Introduction

Users frequently ask if JS7 can encrypt credentials. The answer is "no" as it makes no sense to handle a symmetric key that is in reach of the component that makes use of it. Encrypted passwords correspond to the "key under the mat", they do not provide additional security, however, they perfectly contribute to "security by obfuscation".

There is one way only how to securely handle passwords: not to use passwords.

If use of passwords is required then consider to use a Credential Store. In addition, check if alternative authentication mechanisms can be applied such as Integrated Security.

Credential Store

JS7 supports use of a Credential Store:

JS7 - Credential Store
- JS7 - Use of Credential Store with Shell Jobs
- JS7 - Use of Credential Store with JITL Jobs

Integrated Security

Integrated Security includes that

this authentication scheme is based on the fact that the account that a component is operated for is already authenticated and therefore can access a database without specifying user/password credentials.
this feature is available for a number of DBMS such as
- Microsoft SQL Server®, see the JS7 - How to connect to a SQL Server database without password article.
- Oracle® that includes support for Oracle® Wallet, see the JS7 - How to connect to an Oracle database without using passwords article.

Space shortcuts

Page tree

Introduction

Credential Store

Integrated Security

Space shortcuts

Page tree

JS7 - How to encrypt passwords for access to a database by a job

Introduction

Credential Store

Integrated Security