Other Encryption Considerations

Default Plain Text (No Encryption) Settings

These are the shipping defaults for the security settings:

Ignore password case = True
Ignore username case = True
Use Encoding = False

These settings mean that by default, clear-text passwords match the unencrypted passwords contained in the sample Headquarters database (HQ.DB), as it appears upon installation.

Matching Existing Archibus Encoding

Sites that use the Archibus method of encryption for securing their project databases can set Use Encoding to True:

Ignore password case = True
Ignore username case = True
Use Encoding = True

This configuration matches existing Archibus encryption, meaning that if you had encrypted passwords with v17.1 or earlier, the above settings enable users to keep their existing passwords.

Changing Password Policies

The first two settings – Ignore password case and Ignore username case – do not affect the stored password values. They affect how stored values are compared to the values entered by the user on the login form.

For example, to make passwords case-sensitive, you do not need to change the password values stored in the database. Simply set the first property of PasswordEncoder to false: Ignore password case = False.

Changing Password Encryption

To change password encryption (Archibus → bcrypt, old format → new format, and so on), the PasswordManager uses a second instance of PasswordEncoder named passwordEncoderMigrateTo. This instance is used just for the conversion and has different settings.

See also

Configure the Authentication Use Cases