PingAuthorize Server Documentation Index
Configuration Reference Home

Triple DES Password Storage Scheme

Note: this component has a complexity level of "expert", which means that objects of this type are not expected to be created or altered. Please contact support for assistance if you believe that you have a need to create or modify this type of object.

The Triple DES Password Storage Scheme provides a mechanism for encoding user passwords using the triple-DES (DES/EDE) reversible encryption mechanism.

NOTE: The Triple DES Password Storage Scheme is considered insecure and is not recommended for use in production deployments unless you are migrating data that contains password encoded in this format. In such cases, it is highly recommended that it also be configured as a deprecated password storage scheme in all relevant password policies so that users with passwords encoded in this format will automatically have those passwords re-encoded whenever they use them to authenticate to the server.
This scheme contains only an implementation for the user password syntax, with a storage scheme name of "3DES".

Parent Component
Properties
dsconfig Usage

Parent Component

The Triple DES Password Storage Scheme component inherits from the Password Storage Scheme

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
↓ description  None
↓ enabled

Basic Properties

description

Description
A description for this Password Storage Scheme
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Description
Indicates whether the Triple DES Password Storage Scheme is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
This Triple DES Password Storage Scheme scheme is considered insecure and is not recommended for use in production deployments unless you are migrating data that contains password encoded in this format. In such cases, it is highly recommended that it also be configured as a deprecated password storage scheme in all relevant password policies so that users with passwords encoded in this format will automatically have those passwords re-encoded whenever they use them to authenticate to the server.


dsconfig Usage

To list the configured Password Storage Schemes:

dsconfig list-password-storage-schemes
     [--property {propertyName}] ...

To view the configuration for an existing Password Storage Scheme:

dsconfig get-password-storage-scheme-prop
     --scheme-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Password Storage Scheme:

dsconfig set-password-storage-scheme-prop
     --scheme-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...