Details
-
Suggestion
-
Resolution: Fixed
-
None
-
1,082
-
Description
Hi,
I'm excited to share that in Bitbucket Server and Data Center 7.8 we added an extra layer of security. You can now encrypt the database password that is stored in bitbucket.properties file with one of the encryption methods provided.
You can find more information in the Bitbucket Server and Data Center 7.8 release notes and Encrypting database passwords docs.
Anton Genkin
Product Manager Bitbucket Data Center
Original message
Bitbucket should encrypt the database password since it's in plain text in the bitbucket.properties file or it could use the integrated authentication with the databases such as MSSQL database.
This is really the same underlying issue as JIRASERVER-31004, but applies to Bitbucket (as it should to all database passwords stored at rest for other Atlassian applications).
Current state:
jdbc.password=plaintext
Desired state:
jdbc.password=WG%^'mP/@6*S\'6GX2m}B:4+b~\qh/VJ?a=S'fJke[t/XhMCp&
Attachments
Issue Links
- is related to
-
- Closed
-
- Gathering Interest
-
- Gathering Interest
- relates to
-
- Closed
-
JOT-56 Loading...
- causes
-
- mentioned in
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
