Company: Link Technologies
Case No: L12830. Project: 14.40: LinkSOFT Version 14.40 - February 2023
Logged By: Sanjay (Link Technologies) on 12 Jan 2023 11:15AM
Priority: High
Product: Framework
Group: Enhancement
Time Taken: 36.00 (Weight: 18.00)
Assigned To: Sanjay (Link Technologies)
Circulation: Sanjay, Sitla Sharma, Vineet, Vineshwar Prasad
Resolve By: Wednesday, 18 January 2023 06:54 PM [462 days since logged date]
Status: Closed
Subject: Change the LinkADMIN password for SQL Server to a Complex Format
Summary:    

Change the LinkADMIN password for SQL Server to a Complex Format. Since this is an application password, we need to ensure that users do not know this password.

The current password is an encrypted version of a 10-digit password. We are extending this to an encrypted version of 30 characters that meets these requirements:

  1. Include Symbols:( e.g. @#$% )
  2. Include Numbers:( e.g. 123456 )
  3. Include Lowercase Characters:( e.g. abcdefgh )
  4. Include Uppercase Characters:( e.g. ABCDEFGH )
Audit Notes:Edited by sanjay on 12/01/23 11:15. Edited by sanjay on 12/01/23 11:14. Edited by sanjay on 12/01/23 10:08. 
16 Jan 202302:57PM Comment 1 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 18-01-2023 06:54 PM Time Taken: 18.00 Notes: ETC extended from: 31/01/2023 to 18/01/2023
PART A - Development work for this case has been completed.

1. The change will be available in version: 14.40

2. The following changes were made(Include Database object names, Program classes, and any other relevant information):

  1. Password changed to complex 30 characters Randomly generated string containing special characters, upper, lower case and numeric

3. Affected Areas:

  1. LinkSOFT WEB, Process Service and POS applications
  2. The password in the config file is encrypted using 2048 AES
  3. You can copy this password from the web config if you want to run older versions on the same server

4. The issue was caused by:

  1. Security  improvement

5. Other Relevant Notes
6. Next Step
(Review and System Test (Developer) -> UAT (Quality) -> Documentation):UAT


26 Jan 202310:11AM Comment 2 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 01-02-2023 02:09 PM Time Taken: 18.00
The following tests were performed:

Table 1 - Test Results
NoTest CaseExpected ResultPass/FailComments
1Attempt to log in to SQL Server using LinkADMIN Password
Old password should not work
Pass

2
Application should work with POS, LinkWEB, FTP and DB Utilities

Pass

Environment Details

  1. OS version: Win11
  2. Application version: 14.40
  3. Setup on:
    1. Server: LinkQA4
    2. Database: LinkSOFT
    3. LinkSOFT URL: HTTP://LinkQA4/LinkSOFT
  4. Login Details: Standard username and password for user "admin"

Next Step: Closure


If you have any queries regarding this support incident, please email admin@linktechnologies.com.au and include the Case No: L12830 in the subject line of all emails regarding this issue.

Document size: 8.4 KB
For call complaints, please contact the Managing Director of the company using this form