Password Encryption

By default, SAP jConnect for JDBC sends plain text passwords over the network to SAP Adaptive Server for authentication.

However, SAP jConnect also supports symmetrical and asymmetrical password encryption and can encrypt passwords before they are sent over the network.

The symmetrical encryption mechanism uses the same key to encrypt and decrypt the password, whereas an asymmetrical encryption mechanism uses one key (the public key) to encrypt the password and another key (the private key) to decrypt the password. Because the private key is not shared across the network, asymmetrical encryption is considered more secure than symmetrical encryption. When password encryption is enabled, and the server supports asymmetric encryption, this format is used instead of symmetric encryption.

• Enabling Password Encryption
  The ENCRYPT_PASSWORD connection property specifies whether the password is transmitted in encrypted format.
• Enabling Login Retry with Clear Text Password
  Server login fails when the ENCRYPT_PASSWORD property is set to true, and the server does not support password encryption.
• Setting Up the Java Cryptography Extension (JCE) Provider
  Asymmetric password encryption mechanism uses RSA encryption algorithms to encrypt the password being transmitted.