User Encryption | |
|
About User Encryption | |
When linking multiple systems together, it is often required to have a username and a password for the target system available, in order to login. The other system can be an external database, a web service, etc. User Encryption enables secure storage of such external log-in credentials. The decryption key is not stored by Tiki, and it is only available when the user is logged in. Notes:
|
Password Domains | |
Each linked system makes up a "password domain". Multiple users can log in to a domain. A password domain has a name. The name must be unique. The interface to a linked system, uses the password domain name to look-up a user's credentials for the system. The module "Domain Password", prompts the user for a password.
|
Configuring Password domains | |
Configure in the Admin / Security panel. Make sure OpenSSL (Tiki18+) / Mcrypt (Tiki pre-18) is available Before you enable "User Encryption", make sure that the OpenSSL (Tiki18+) / Mcrypt (Tiki pre-18) PHP extension is available. It is required to encrypt the passwords securely.
|
Code integration | |