Storing Serv-U Passwords Unencrypted - KB Article #1768Related Articles -- 1177
By default, Serv-U stores all passwords using an MD5 hash algorithm that prevents the original password from being read from the configuration files or from a database. In this way, passwords cannot be accidentally exposed to unauthorized individuals.
However, in some cases it may be important that the administrators can see the passwords for user accounts in clear text even after initially specifying the password. This requires that the password be stored in cleartext in the configuration file or database. To enable storage of passwords in cleartext, follow the steps below:
- Open the Domain Limits & Settings menu in Serv-U (or the Server Limits & Settings depending on the scope of the change)
- Open the "Limit" menu, and select the "Password" limit type
- Click "Add" to add a limit, and then select "Password encryption mode"
- Select "No encryption", and then click "Save"
Once the new limit is saved, users added by the Management Console will no longer have encrypted passwords. Existing passwords will still be encrypted and must be re-entered to work properly. Users added directly to a Serv-U database directly will also no longer need to have their passwords encrypted.
Password Encryption Types
An explanation of the password encryption types follows:
- No encryption (not recommended): Passwords are stored in clear text, visible to the Serv-U Management Console for easy retrieval
- One-way encryption (more secure): Passwords are hashed using a one-way MD5 hash that prevents anyone from finding the original password. In most cases, this is recommended.
- Simple two-way encryption (less secure): This is an encrypted password form that is proprietary to Serv-U, allowing the Password Recovery feature to recover original passwords instead of resetting them.