Protecting Clear Text Password

Passwords are the basic type of authentication in a system. They are easy to implement and also easy to attack. However, there are situations where you need to use a password to protect access to a resource. Its fine if an end user of system is providing the password directly to the system. Sometimes you need to store the password in a configuration file of a system. That’s where the dilemma starts. You have a scheduled SFTP process that needs a password to start. Do you keep the password in clear text or do you encrypt it? If you encrypt it, then how do you protect the key to encrypt and decrypt the password?

I would never suggest you to keep the password in clear text. Always have the password (in store) encrypted; symmetric encryption using 3 DES is preferred as it is efficient and will not tax the system resources. The keys can be stored in a key store. Any process or function in the system needs to have a password to access the key store to get the keys. So how do you protect the master key to the key store? Easy and economic way is to have the master password to the key store in a system configuration file that can be accessed only by the function or process that needs to know about it.

This is not a complete secure solution. However, we are introducing concept of security-in-depth where you are introducing layers of security to protect a resource. So when the scheduled job of SFTP needs to be kicked off, the process (or the job) first accesses the configuration file that contains the master password for the key store provided the process has the right privilege to access the configuration file. Once the process gets the master password, then it would decrypt the cipher text (encrypted password) to get the password to kick off the SFTP.

Leave a comment

Your email address will not be published. Required fields are marked *