Project and Portfolio Management Practitioners Forum

Encryption of Password

Respected Contributor.

Encryption of Password


I have noticed a problem with the ITG system wherein if at all the HTTP 1.1 service in the browser is disabled you can easily trace the username and password that you have entered to login into the system.

This is a persistent problem and hence we are unable to allows users have LDAP authntication cos this might be threatening to have as the ITG does not encrypt the password.

ANy thoughts on how this could be achieved?
Torsten Neumann
Trusted Contributor.

Re: Encryption of Password

One way to do this would be to use SSL to encrypt all traffic between the server and the client.

Use a front-end webserver to achieve this (e.g. Apache with mod_ssl).

Kintana strikes back... ;-)