Encrypt Stored Passwords

As of XNAT 1.5.3, all passwords are encrypted using SHA-2 before they are stored in the database. However, if you are upgrading from an earlier version of XNAT and keeping your old database, only passwords that are changed after the upgrade will be SHA-2 encrypted; the others will still be stored in plain-text or obfuscated form. Any attacker who gains access to the database will be able to read every unencrypted password. This is especially serious because many users reuse the same password across sites, so an attacker could use a recovered password to get into one of your users' bank accounts. Attackers should not be able to reach the database at all, but encrypting the stored passwords minimizes the damage if they do.

You can encrypt all passwords in the database by installing pgcrypto and executing a single SQL statement. To install pgcrypto, run pgcrypto.sql against your database. Depending on your PostgreSQL installation it may be located at POSTGRESQL_HOME/contrib/pgcrypto, POSTGRESQL_HOME/share/contrib/pgcrypto, or POSTGRESQL_HOME/share/contrib. (On PostgreSQL 9.1 and later the same module can instead be loaded with CREATE EXTENSION pgcrypto.) Go to the directory containing pgcrypto.sql and execute the following command, where 'database' is the name of your database and 'database_owner' is the database owner:

psql -d database -U database_owner -f pgcrypto.sql

Finally, to encrypt all of the unencrypted passwords in your database, run the following SQL statement using pgAdmin. A hex-encoded SHA-256 digest is always 64 characters long, so the LENGTH check skips rows that have already been converted and prevents them from being hashed twice:

UPDATE xdat_user SET primary_password=encode(digest(primary_password, 'sha256'),'hex') WHERE primary_password IS NOT NULL and LENGTH(primary_password)<>64

Or run it from the command line:

psql -d database -U database_owner -c "UPDATE xdat_user SET primary_password=encode(digest(primary_password, 'sha256'),'hex') WHERE primary_password IS NOT NULL and LENGTH(primary_password)<>64"
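
The same migration, as an added example that is not part of the XNAT documentation, wrapped in a transaction so the administrator can count the affected rows, preview the rewrite, confirm that nothing legacy remains, and only then commit. It assumes pgcrypto is already loaded in the database and that the xdat_user table and primary_password column are as described above.

```sql
-- Added example (not XNAT's own SQL): migrate legacy password values
-- inside a transaction so the change can be inspected and rolled back.
-- Assumes pgcrypto is already installed in this database.
BEGIN;

-- 1. How many rows still hold a non-SHA-256 value?
--    A hex SHA-256 digest is always exactly 64 characters.
SELECT count(*) AS legacy_rows
  FROM xdat_user
 WHERE primary_password IS NOT NULL
   AND length(primary_password) <> 64;

-- 2. Preview what the rewrite would store, without touching the table.
--    The length column shows which rows are plain-text/obfuscated.
SELECT length(primary_password)                         AS old_length,
       encode(digest(primary_password, 'sha256'), 'hex') AS new_value
  FROM xdat_user
 WHERE primary_password IS NOT NULL
   AND length(primary_password) <> 64
 LIMIT 5;

-- 3. Rewrite only the legacy rows. The length guard is what prevents
--    double-hashing rows that were already converted. Caveat: a plain-text
--    password that happens to be exactly 64 characters would be skipped.
UPDATE xdat_user
   SET primary_password = encode(digest(primary_password, 'sha256'), 'hex')
 WHERE primary_password IS NOT NULL
   AND length(primary_password) <> 64;

-- 4. Verify: this must now return 0 before committing.
SELECT count(*) AS remaining_legacy_rows
  FROM xdat_user
 WHERE primary_password IS NOT NULL
   AND length(primary_password) <> 64;

-- Issue ROLLBACK instead of COMMIT if any of the checks look wrong.
COMMIT;
```

Note that an unsalted SHA-256 digest is what XNAT 1.5.3 expects to find in this column, so a stronger password hashing scheme cannot simply be substituted here without a corresponding change in the application.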
