Provide a "Password Hash" field option, which automatically hashes a password in database

philip.godfrey Public · Aug 30 2024

Idea Summary
When creating a new application, it is usually required that username and passwords are created e.g., in a USERS table. Typically the password would be stored as VARCHAR2, which would appear in plain text in the database, which is not secure.

A way around this is to create a custom function that takes the entered password, and hashes it (using DBMS_CRYTPO for example) and that hash is stored in the database, rather than in plain text, which is much more secure.

It would be perfect if this functionality could be provided by default.

On the create page option a user could select “User Registration” which would create a password that contain a page item type that hashes a password (e.g, Password-Hash). This would hash the password as standard, providing a secure way for user details to be stored in the database.

Use Case
Useful for anyone developing an application that requires users to login / authenticate.

Preferred Solution (Optional)
As described above.

We reviewed this idea carefully and came to the conclusion that it does not constitute an appropriate APEX feature request.

Comments

vincent morneau Admin OP 1.5 years ago

We considered this, but ultimately the password management should be offloaded so an SSO, passkey or some other secure authentication. Better if APEX doesn't get too much in this business.

2 Voters

Provide a "Password Hash" field option, which automatically hashes a password in database

Feature

Comments

Comments