The problem in this case is that encrypted values are sent to the client. Since the client also has the key to decrypt those values, the client basically receives in plaintext the passwords that are set to connect to those databases. Those encrypted passwords should never leave the server once they are set, and if they have to, they should be encrypted with a key that’s not shared with the client.
|Who would benefit from this IDEA?|All the enterprises that are concerned with data security.|
|How should it work?|In a secure communication.|
|Priority Justification|Security issue|
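One way to keep stored database passwords on the server, as an added example that is not part of the original idea or of the product's code: the client view carries only a flag saying a password is set, and an edit from the client leaves the stored secret untouched unless a new value is supplied. All names (`ConnectionStore`, `to_client_view`, `apply_client_update`, `connect_credentials`) and the sample values are hypothetical.

```python
import copy

# Hypothetical sketch: field names and sample values are constructed.
SECRET_FIELDS = {"password"}


class ConnectionStore:
    """Server-side store; secret values are never serialized to the client."""

    def __init__(self):
        self._connections = {}

    def save(self, name, config):
        self._connections[name] = copy.deepcopy(config)

    def to_client_view(self, name):
        """Response body for the client: each secret becomes a boolean flag."""
        view = {}
        for key, value in self._connections[name].items():
            if key in SECRET_FIELDS:
                view[key + "_set"] = bool(value)
            else:
                view[key] = value
        return view

    def apply_client_update(self, name, update):
        """Merge a client edit; a secret changes only when a new value is sent."""
        current = self._connections[name]
        for key, value in update.items():
            if key.endswith("_set") and key[:-4] in SECRET_FIELDS:
                continue  # read-only flag echoed back by the client
            if key in SECRET_FIELDS and not value:
                continue  # blank field means "keep the existing secret"
            current[key] = value

    def connect_credentials(self, name):
        """Called only by server-side code that opens the database connection."""
        conn = self._connections[name]
        return conn["user"], conn["password"]


if __name__ == "__main__":
    store = ConnectionStore()
    store.save("reporting", {"host": "db.example.internal",
                             "user": "svc_report",
                             "password": "constructed-secret"})
    print(store.to_client_view("reporting"))
```
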