Question

1
Replies
46
Views
Close popover
Devi Pattanaik (Dev_Pattanaik)
Accenture Solutions Pvt.Ltd
Application Development Senior Annalyst
Accenture Solutions Pvt.Ltd
IN
View Profile
Dev_Pattanaik Member since 2015 2 posts
Accenture Solutions Pvt.Ltd
Posted: September 9, 2019
Last activity: September 11, 2019
Closed

Hash algorithm upgrade in Pega 6.2 SP2

Hi Team,

Currently our application is on Pega 6.2 SP2 version and there is no pr-config setup for Hash algorithm validation.

From security perspective, our client is planning to upgrade either one of the below Hash algorithm:

1. MD5

2. SHA-1

3. SHA-2

Can any one please suggest the approach for this or any relevant article to refer the same ?

System Administration Upgrades
Close popover
Moderation Team has archived post
Posted: 1 year ago
Close popover
Syl Schinco (SylSchinco_GCS)
PEGA
Technical Solutions Engineer
Pegasystems Inc.
US
View Profile

In the 7.2.2 release, we made bcrypt - the current 'gold standard' in one way hash algorithms - the default.  This was released December 2016.


https://community.pega.com/knowledgebase/using-bcrypt-hashing-algorithm-password-property-types


In 7.1.7, we made SHA-256 and SHA-512 available:


https://community.pega.com/knowledgebase/release-note/password-hashing-using-sha-256sha-512


You should consider upgrading the application to take advantage of these and other security features and updates in the most recent versions.  The current version is 8.3.


 
Share this page Share via LinkedIn Copying...
Copied!