Security Guide for Siebel eBusiness Applications > Authentication Details > Authentication Options >

Credentials Password Encryption


Credentials password encryption allows you to maintain an unexposed, encrypted password to a database account, while an unencrypted version of the password is used in other phases of the authentication process.

Credentials password encryption can be implemented in the following authentication strategies:

NOTE:  You can implement credentials password encryption with the Siebel encryption utility. This utility and applicable installation instructions are available from Siebel Technical Support.

Credentials password encryption supports the following principles:

A user is logged into the database by the following process:

To implement credentials password encryption

  1. For each database account, create and record the login name and a password.
  2. Do one or more of the following:
  3. encrypt password

    The utility encrypts the argument and verifies the results. For example, to encrypt the password "siebel," enter:

    encrypt siebel

    The confirmation from the utility is similar to:

    Encoding String => siebel <= to => T>?Be <=

    Verify encoding => T>?Be <= to => siebel <=

    encrypt password1 password2 password3 ...

    encrypt @passwords.txt

  4. Assign the encrypted passwords to their corresponding database accounts.
  5. For information about assigning passwords to database accounts, see your RDBMS documentation.

  6. For each Siebel application that implements credentials password encryption, set the following parameter value in the application's configuration file. For example, edit the eservice.cfg file for Siebel eService.
  7. In the [adapter_name] section, for example [LDAP]:

    EncryptCredentialsPassword = TRUE

    For information about setting Siebel application configuration file parameters, see Siebel Application Configuration File Parameters.

  8. Make sure that the attribute in the directory that contains the database account contains the unencrypted version of the database password.
  9. For information about required attributes in the directory, see Requirements for Directory.

Credentials password encryption is discussed in a usage context in Security Adapter Deployment Options.


 Security Guide for Siebel eBusiness Applications 
 Published: 23 June 2003