Skip to main content
A
AC_82276354-Participant
4-Participant
April 9, 2025
Question

Encryption algorithm is used by WindchillDS to store passwords

  • April 9, 2025
  • 2 replies
  • 613 views
I am using Windchill PDMLink Release 11.0 and Datecode with CPS M030-CPS22

Windchill DS default password policy預設演算法為Salted SHA-1(ds-cfg-default-password-storage-scheme),若要變更其他加密演算法(如Salted SHA-256),對於系統目前的user會有何影響? 原廠是否支援在有使用者及資料的情況下,中途變更Windchill DS加密演算法?

2 replies

Catalina
CatalinaCommunity Manager
Community Moderator
April 9, 2025

Hi @AC_8227635 

 

Thank you for your question! 

 

I’d like to recommend to bring more details and context to your initial inquiry. For example:

  • Can you describe the current configuration of your Windchill DS password policy? Are you currently using the default Salted SHA-1 encryption algorithm?
  • Are you concerned about how changing the encryption algorithm to Salted SHA-256 might affect existing users and their data? If so, what specific impacts are you worried about?

Please add screenshot(s) to better understand what you are trying to do in your process. 

 

Please refer to this guideline to make your questions more likely to receive a quick and useful answer. 

This will increase your chances to receive meaningful help from other Community members. 

 

What is a good question? 

Windchill 

 

Thank you for your participation and please let me know if you need further assistance! 

 

Best regards,

Catalina | PTC Community Moderator
A
AC_82276354-ParticipantAuthor
4-Participant
April 10, 2025

Thank you for your reply.

Can you describe the current configuration of your Windchill DS password policy? Are you currently using the default Salted SHA-1 encryption algorithm?
Yes, the current configuration uses the default password policy of Windchill DS, and it is set to use the default Salted SHA-1 encryption algorithm.

Password policy.png

 

Are you concerned that changing the encryption algorithm to Salted SHA-256 might affect existing users and their data? If so, what specific impacts are you worried about?
I’m concerned that it might cause user password verification failures or require users to reset their passwords.

Catalina
CatalinaCommunity Manager
Community Moderator
April 15, 2025

Hi @AC_8227635,

I wanted to see if you got the help you needed.

If so, please feel free to detail in a reply what has helped you and mark it as the Accepted Solution. It will help other members who may have the same question.

Of course, if you have more to share on your issue, please pursue the conversation.

Thanks,

Catalina | PTC Community Moderator
avillanueva
23-Emerald I
avillanueva23-Emerald I
23-Emerald I
April 9, 2025

Translation did not work so ran through Google: The default password policy of Windchill DS uses Salted SHA-1 (ds-cfg-default-password-storage-scheme). If I want to change to another encryption algorithm (such as Salted SHA-256), what will be the impact on the current users of the system? Does the manufacturer support changing the Windchill DS encryption algorithm midway when there are users and data?

 

I would think that this would not matter but certainly worth a test. I found this write up the has a lot of good information: https://backstage.forgerock.com/docs/ds/8/use-cases/change-password-storage.html

OpenDJ is the tool behind WindchillDS.

Terms & ConditionsAccessibility statement