Forum Stats

  • 3,839,329 Users
  • 2,262,481 Discussions
  • 7,900,934 Comments

Discussions

Is password encryption used in connections.json secure?

Marian_
Marian_ Member Posts: 25 Blue Ribbon

We are using CMU with AD athentification method, but I received question if SQL Developer password encryption is secure enough because in connections.json is stored encrypted AD password. As you can see here https://github.com/maaaaz/sqldeveloperpassworddecryptor decrypting is not very difficult task.

My question to oracle guys (Jeff S. ?). Is planned any more secure encryption method?

I know best way is implement SSO method, but it is not so easy from client view as using AD username/password.


Thanks.


Marian

Answers