There's an endpoint that receives an e-mail and password and creates a user account in an external system. To access that endpoint, one must be logged in to our system as it's the only way for that user account to be created.
To me it looked really bad when I found out that the password was going to be sent without encryption, but I'm not an expert on the subject and I was assured that the communication was safe being sent via https.
Is it? If not, what would be a good solution to this problem?
`https` is only encrypted in transit (the packets are relatively safe) - the e-mail itself is still going to be in plain text. My recommendation would be to send users temporary passwords (that they have to change when they first log in) and store passwords in an encrypted archive on your system. – mael' Jul 15 '19 at 20:29
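The flow the comment sketches, worked through as an added example (not code from the question or from the commenter): a logged-in caller triggers provisioning, the service generates a random temporary password that must be changed on first login, the outbound call to the external system is refused unless its URL is `https://`, and the service keeps only a salted scrypt hash of the credential rather than the password itself (a hash is what a verifier needs; an "encrypted archive" still yields the plaintext to anyone who obtains the key). The endpoint, the external URL and the `caller_is_authenticated` flag are hypothetical stand-ins for whatever the real framework provides.

```python
import hashlib
import hmac
import os
import secrets
import string
from typing import Optional, Tuple
from urllib.parse import urlparse

# Hypothetical provisioning helper for the scenario in the question.
# Nothing here is the asker's code; names and the external URL are made up.

ALPHABET = string.ascii_letters + string.digits


def generate_temporary_password(length: int = 16) -> str:
    """One-time password drawn from the OS CSPRNG (secrets, not random)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """scrypt with a fresh 16-byte salt per user; store (salt, digest), never the password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=2 ** 14, r=8, p=1)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Constant-time comparison of the recomputed digest against the stored one."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def require_https(url: str) -> str:
    """Refuse to send a credential to the external system over anything but https://."""
    parsed = urlparse(url)
    if parsed.scheme != "https" or not parsed.netloc:
        raise ValueError("refusing to send credentials to non-https URL: %r" % url)
    return url


def provision_account(email: str, external_url: str, caller_is_authenticated: bool) -> Tuple[str, dict]:
    """Create the account record the way the comment recommends.

    Returns the temporary password (to be delivered to the user out of band)
    and the record to persist: salted hash plus a must-change flag.
    """
    if not caller_is_authenticated:
        raise PermissionError("endpoint requires a logged-in caller")
    require_https(external_url)  # the only transport the credential may cross
    temp = generate_temporary_password()
    salt, digest = hash_password(temp)
    record = {
        "email": email,
        "salt": salt,
        "hash": digest,
        "must_change_password": True,  # forces a change on first login
    }
    return temp, record


if __name__ == "__main__":
    temp, record = provision_account("new.user@example.com", "https://external.example/api/users", True)
    print("temporary password issued, stored only as hash:", record["hash"].hex()[:16], "...")
    print("login with the temporary password verifies:", verify_password(temp, record["salt"], record["hash"]))
```

The two checks a reviewer would want are both enforced before any credential is produced: the caller must already be authenticated, and the destination must be `https://`, so the password never exists in a place where it could go out in the clear.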