Clarity PPM

Expand all | Collapse all

Decrypt password in Clarity

Jump to Best Answer
  • 1.  Decrypt password in Clarity

    Posted 02-04-2019 03:08 PM

    hi All

     

    Is it possible to decrypt user password in Clarity? If so, how can be do it? 

     

    Thanks all in advance. 

     

    Monica



  • 2.  Re: Decrypt password in Clarity

    Posted 02-04-2019 08:29 PM

    Hi Monica,

     

    I think that it is impossible to decrypt user password because user password is stored in table by using Cryptographic hash function.

     

    Regards,

    Shoichi



  • 3.  Re: Decrypt password in Clarity

    Posted 02-05-2019 02:48 AM

    Hi Monica,

     

    Clarity passwords are one way hash encryption, can you please let us know what you are trying to achieve by decoding the same.


    Regards

    Suman Pramanik 



  • 4.  Re: Decrypt password in Clarity

    Posted 02-05-2019 08:53 AM

    Hi Shoichi_Sugawara, SumanPramanik - I'm trying to set up password for new users in Clarity and want to send an email to them with their password details for automated login.



  • 5.  Re: Decrypt password in Clarity

    Posted 02-05-2019 08:58 AM

    Hi Monica,

     

    If you create users by XOG then Default password would be Niku2000 and if you are On Prem customer you can update  the password The Admin password needs resetting, login is locke - CA Knowledge  for 1st time and ask them to change post their login.

     

    Regards

    Suman Pramanik 



  • 6.  Re: Decrypt password in Clarity

    Posted 02-05-2019 09:06 AM

    Hi Suman, I'm fine with the password update statement. Issue is that  I want to send an email to end users on their password change. Also, the password is not going to static and would be changing continuously. I need a decrypted password to be sent to users' email address to have their login credentials.

    Monica



  • 7.  Re: Decrypt password in Clarity

    Posted 02-05-2019 09:39 AM

    you cannot decrypt for sure, you can change to default and ask him to change. 



  • 8.  Re: Decrypt password in Clarity
    Best Answer

    Posted 02-05-2019 09:46 AM

    Hashed passwords (our passwords are not encrypted) cannot be decrypted. They do not have an inverse operation (unless there were known vulnerabilities with the hash function / algorithms) and they are used specifically to make this hard (as in nearly impossible).

     

    This is intended and done for security purposes, if a database with hashed passwords is compromised, the passwords would not be known (it would still be a good idea changing the passwords as there are other attacks that come into play, but this is generally out of scope of this discussion).



  • 9.  Re: Decrypt password in Clarity

    Posted 02-05-2019 09:22 AM

    Well, just wondering again...

    decrypt
    /diːˈkrɪpt/
    verb
    verb: decrypt; 3rd person present: decrypts; past tense: decrypted; past participle: decrypted; gerund or present participle: decrypting
    1. 1.
      make (a coded or unclear message) intelligible.
      "the computer can be used to encrypt and decrypt sensitive transmissions"
    noun
    noun: decrypt; plural noun: decrypts
    1. 1.
      a text that has been decoded.
      "he passed the raw decrypts to Moscow, but denies that he was a spy"
      Sounds to me that encrypting would be better for emails.
      If the aim is to keep the password not displayed Niku2000 is hardly an option when everybody in the community knows it even if the user has to change on first login.
      If you are going to direct db writes as an option to the KB, can't you set your own password to something and copy the db value to Admin and then change yours back to something else.


  • 10.  Re: Decrypt password in Clarity

    Posted 02-11-2019 02:47 PM

    Other option instead of decrypting the password is to reset it to something you generate and then email the new password to them.

     

    I believe I stumbled onto this a couple of years ago (when we looked at automating a password reset).

     

    V/r,

    Gene



  • 11.  Re: Decrypt password in Clarity

    Posted 02-12-2019 03:04 AM

    All the password issues and maintenance of users goes away if you integrate LDAP. So think of that aspect too.