The Now Platform® Washington DC release is live. Watch now!
‎04-27-2018 05:25 AM
Hi Guys,
Just for security concerns i wanted to know which mechanism or algorithm names are using for Password(1 way encrypted and 2 way encrypted). Could anyone please tell us the algorithm names used for Password(1 way encrypted and 2 way encrypted).
Thanks.
Mumtaz Ansari
‎04-27-2018 06:12 AM
I don't see it in the product documentation (docs.servicenow.com) nor in any of my notes. It pre-dates my days at ServiceNow.
I recommend reaching out to customer support. I’ll be interested to hear what they have to say. Please be sure to report back here with your findings. — Thank you
‎04-27-2018 06:23 AM
Thanks Chuck!!
I have already raised a HI ticket and I ll post back once i got reply.
‎05-02-2018 05:51 AM
Here is reply from SerivceNow Support team.
Password (1 Way Encrypted) Text field that stores passwords with one-way encryption. One-way encryption stores the password as a secure hash value that cannot be decrypted.
Password (1 Way Encrypted) is using either of the three types.
Password (2 Way Encrypted) Text field that stores passwords with two-way encryption. Two-way encryption stores the password as a secure encrypted value that can be decrypted programmatically within the instance. You can use Password 2 encryption with form variables. To encrypt text fields on forms, use Encryption Contexts. The length for password2 field values must be at least 255 characters.
Password (2 Way Encrypted) is using 256 AES.
Encryption key :
Key used to encrypt the data. Leave this field blank to randomly generate a key. Based on the desired type of encryption, enter the exact number of characters:
24 characters for 3-key Triple DES
16 characters for AES 128-bit
32 characters for AES 256-bit (requires system configuration)
Please check further details on setting up encryption contexts:
‎07-22-2021 08:07 PM