Password Masking

All passwords identified as such to iWay Service Manager (iSM) are masked when stored in iSM configuration files. The masking is designed to prevent unauthorized disclosure of the password. The algorithm used is a salted value cipher that produces values suitable for storage in XML files. Password policies such as minimum password length apply only to iSM passwords, and not to passwords stored by iSM for use in other systems. For example, the password associated with iSM as a client of an external FTP server is controlled by the policies of that server; iSM simply masks the password during its storage.


iWay Software