For security reasons, you may want to store passwords in hashed form. This guards against the possibility that someone who gains unauthorized access to the database can retrieve the passwords of every user in the system. Hashing performs a one-way transformation on a password, turning the password into another String, called the hashed password. “One-way” means that it is practically impossible to go the other way - to turn the hashed password back into the original password. There are several mathematically complex hashing algorithms that fulfill these needs. By default, the Personalization module uses the MD5 algorithm to perform a one-way hash of the password value and to store it in hashed form.

The hashed password value is not encrypted before it is stored in the database. When a member attempts to log in, the Personalization module takes the supplied password, performs a similar one-way hash and compares it to the database value. If the passwords match, then login is successful.

If you do not want to use the hashing function, you can disable it by setting the passwordHasher property of the /atg/userprofiling/PropertyManager component to /atg/dynamo/security/NullPasswordHasher. Thereafter all passwords will be stored and compared in clear text. You can change the hashing algorithm used by setting the passwordHasher property to point to a PasswordHasher component that uses the appropriate hashing algorithm. ATG provides the following implementations:




Uses the mechanism for hashing passwords. This hasher digests the password and then encodes using the binary-to-text encoding scheme specified by the encoding property (base16 by default). This hasher does not support one-time hashing; passwords are encoded the same way every time.


MD5-specific version of DigestPasswordHasher that supports one-time hashes.


A password hasher for use with the LDAP repository and the Netscape Directory Server.


Stores passwords unhashed. Use this if you want passwords maintained in plain text, rather than hashed.

loading table of contents...