adding username/password to SQL Server 2005 database

vsefcik · Post by **vsefcik** » Sat Nov 01, 2008 9:12 am

1. Brekeke Product Name and version: 2.1.6.6 Academic

2. Java version: 1.06

3. OS type and the version: Windows Server 2003

4. UA (phone), gateway or other hardware/software involved:

5. Select your network pattern from http://www.brekeke-sip.com/bbs/network/ ... terns.html :

6. Your problem: We're using SQL Server 2005 as a third-party database and we need to add new users using a VB.NET application (not using the CSV database import). Can you tell me what encryption method is being used for the passwords in the database so that we can insert records directly into the database?

voipwell.com · Post by **voipwell.com** » Sat Nov 01, 2008 9:09 pm

Hi,

I use sql 2005 also and the database accepts passwords not encrypted if you turn it off in the sip server database screen. I believe if you add a password thru sql/vbapplication with encryption turned on, Brekeke will encrypt it, so you can still add it thru sql.

vsefcik · Post by **vsefcik** » Mon Nov 03, 2008 7:50 am

Thanks for pointing out the ability to save passwords in the database in clear text. However, that violates one of our audit policies. So, I'm still looking for a way to encrypt the passwords if our application inserts a record into the database.

voipwell.com · Post by **voipwell.com** » Tue Nov 04, 2008 5:41 pm

Hi,

I've seen Brekeke reply in other posts that they don't give out their encryption routine for security reasons. However, there is nothing preventing you from using your own encryption after turning off theirs.