Clear Text Passwords
The password of a user in Active Directory is stored in encrypted format. To have access to this password in clear text, two options are available when the password is initially retrieved in the login page:
- Extend the profile schema by adding a new property to store the clear text password. Extending the schema must be performed through the Profile Definition Designer in Commerce Server Business Desk. For information about this procedure, see Adding Properties to a Profile Definition.
- Create a custom cache to store the clear text password.
.gif "Ee784174.note(en-US,CS.20).gif")
Notes
- Storing clear-text passwords is a security risk, because they are inherently less secure than encrypted passwords.
- The profile service allows profile properties to be encrypted. For more information, see Managing Encrypted Profile Properties.
Copyright © 2005 Microsoft Corporation.
All rights reserved.