Project and Portfolio Management Practitioners Forum
cancel

Encryption of Password

Highlighted
vamsee_1
Respected Contributor.

Encryption of Password

Hi,

I have noticed a problem with the ITG system wherein if at all the HTTP 1.1 service in the browser is disabled you can easily trace the username and password that you have entered to login into the system.

This is a persistent problem and hence we are unable to allows users have LDAP authntication cos this might be threatening to have as the ITG does not encrypt the password.

ANy thoughts on how this could be achieved?
1 REPLY
Torsten Neumann
Trusted Contributor.

Re: Encryption of Password

One way to do this would be to use SSL to encrypt all traffic between the server and the client.

Use a front-end webserver to achieve this (e.g. Apache with mod_ssl).

Torsten
Kintana strikes back... ;-)