Secure Passwords

This information is applicable for AutoClassifier v6.0.1.0-17704+.

  • AutoClassifier does not encrypt passwords stored in configuration by default.

  • To secure passwords configure AutoClassifier to encrypt them

Environment Variables

Password encryption requires the following environment variables to be set:

  • BAInsightSecurityEncriptionKey

    • The value of this environment variable is used as key encryption algorithm.

    • Example: RgUkXp2s5v8y/B?E(H+KbPeShVmYq3t6

  • BAInsightSecuritySaltKey

    • The value of this environment variable is used as a salt key for the encryption algorithm.

    • Note that BAInsightSecuritySaltKey value must be at least 8 characters.

    • Example: TjWnZr4u7x!A%D*G-KaPdRgUkXp2s5v8

Note 1: If you want to change your encryption and / or salt keys later, you must manually re-enter all the configured passwords in AutoClassifier configuration, including the Configuration Database connection string.
Before re-entering the passwords, you need to recycle all AutoClassifier websites application pools.

Note 2: If you use more BA Insight products that uses this encryption mechanism, the same keys are used for all such products.
If you don't know this information, please contact BA Insight Support Team.

Note 3: If you install AutoClassifier in a multi-server environment, you need to set up the same environment variables on all the servers running AutoClassifier

Note: The priority of reading the values from the environment variables is User Environment Variables and then, if user variables are not set, the System Environment Variables are checked.
If you want to have multiple user accounts running multiple BA Insight products that use this encryption mechanism, you can either set up the environment variables for each of the users, or set up the system environment variables.
Note that System environment variables are accessible for all users and this may not align with your security policy.

Upgrades

If you upgrade from version 6.0.1.0-17704 or earlier, you must manually re-enter all configured passwords and Configuration database connection string.