Skip to main content
Contact a Moderator

Question

1
Replies
50
Views
 Devi Pattanaik (Dev_Pattanaik)
Accenture Solutions Pvt.Ltd
Application Development Specialist (Team Lead)
Accenture Solutions Pvt.Ltd
IN
Dev_Pattanaik Member since 2015 2 posts
Accenture Solutions Pvt.Ltd
Posted: September 9, 2019
Last activity: September 11, 2019
Posted: 9 Sep 2019 1:12 EDT
Last activity: 11 Sep 2019 14:07 EDT
Closed

Hash algorithm upgrade in Pega 6.2 SP2

Hi Team,

Currently our application is on Pega 6.2 SP2 version and there is no pr-config setup for Hash algorithm validation.

From security perspective, our client is planning to upgrade either one of the below Hash algorithm:

1. MD5

2. SHA-1

3. SHA-2

Can any one please suggest the approach for this or any relevant article to refer the same ?

System Administration Upgrades
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 2 years ago
Posted: 11 Sep 2019 14:07 EDT
Syl schinco (SylSchinco_GCS)
PEGA
Technical Solutions Engineer
Pegasystems Inc.
US

In the 7.2.2 release, we made bcrypt - the current 'gold standard' in one way hash algorithms - the default.  This was released December 2016.


https://community.pega.com/knowledgebase/using-bcrypt-hashing-algorithm-password-property-types


In 7.1.7, we made SHA-256 and SHA-512 available:


https://community.pega.com/knowledgebase/release-note/password-hashing-using-sha-256sha-512


You should consider upgrading the application to take advantage of these and other security features and updates in the most recent versions.  The current version is 8.3.


 

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice