Hi,
I was wondering the following question:
1- How many charachter count is recommanded for Encryption Key in the "setting>server"
2- What type of Encryption is OC3038 using?
3- What are the limitation? (special characters etc.)
4- Will a password generator tool suffice?
Thanks
1. From 32 to 1024
2. Openssl_encrypt aes128
4. Yes.
My FREE extensions in marketplace. [ security | flexibility | speedup ]
Thanks, I just did a quick research on how Openssl_encrypt aes128 works and it appears if I use more than 16 characters, it will still provide a same security, the only diffrence would be the more the characters are the more antropy as the system might hash it or truncate it to fit the 16-byte requirement of AES-128.
I am using English OpenCart 3.0.3.8, Default Template/Theme, php 7.4, Latest Brave Browser (No Ads-Blocker, etc.)
The encryption is only use by few of the payment extensions, probably unnecessarily. It's of limited use as it doesn't support authentication.
Thanks,
3- What are the characters limitation in opencart passwords in setting, database etc? (special characters, symbols, etc.)
3- What are the characters limitation in opencart passwords in setting, database etc? (special characters, symbols, etc.)
I am using English OpenCart 3.0.3.8, Default Template/Theme, php 7.4, Latest Brave Browser (No Ads-Blocker, etc.)
The passwords will be hashed so there should be no limitation, apart from maybe the database one, which will be down to the database.
Who is online
Users browsing this forum: Bing [Bot] and 18 guests
