Home » Blog » Asterisk/Vicidial » How to enable user password encryption in vicidial

How to enable user password encryption in vicidial

how to enable user password encryption in vicidial

How to enable user password encryption in vicidial. Enabling user password encryption in Vicidial is a simple yet effective step for ensuring secure access to your dialer software. In this article, we’ll show you how to enable user password encryption for Vicidial.

Password encryption is an essential cybersecurity measure for preventing unauthorized access to your the system. Encryption is the process of transforming plaintext passwords into an unreadable format (i.e., ciphertext) that only authorized users can access.

In Vicidial, password encryption can be enabled by making a simple configuration change in your dialer settings. To begin, login and open the dialer Configuration tab, then select System Settings, and then Security Settings. Under the Security Settings tab, scroll down to find the option Enable User Password Encryption. Select Yes to enable the encryption.

Once password encryption is enabled, all passwords are encrypted with a secure key created by the dialer software. This key is generated automatically and is not stored anywhere on the system, ensuring that passwords remain secure.

It’s important to note that password encryption does not guarantee complete security. It is essential to use strong passwords for your users and to adhere to general security principles such as using two-factor authentication where possible.

In conclusion, enabling user password encryption on your Vicidial system is an essential step for secure access. By making this simple configuration change, you can add an extra layer of security to your software and protect your user accounts from unauthorized access.

how to enable user password encryption in vicidial.

Time needed: 5 minutes

Enabling the Vicidial Password Encryption

  1. Step 1: Installing Bcrypt perl

    what is Bcrypt?
        Bcrypt is cryptographic hashing algorithm, recommended for password hashing ,designed by Niels Provos and David Mazières, based on the Blowfish cipher
    Using the CPAN console install the Bcrypt, run the below command

    cpan
    install Crypt::Eksblowfish::Bcrypt

  2. Step 2: Enabling the Password Encryption

    By default the Password encryption is disabled in Vicidial, you check the same under ADMIN u003e SYSTEM SETTINGS u003e PASSWORD ENCRYPTION: Disabled.

        To enable Password Encryption feature you need to the vicidial script at command line console.SSH to your vicidial server linux console, and run the below command to make sure Encryption works without any error.

    /usr/share/astguiclient/ADMIN_bcrypt_convert.pl u002du002ddebugX u002du002dtest

    If no errors received run the same script without u002du002dtest flag as shown below

    /usr/share/astguiclient/ADMIN_bcrypt_convert.pl u002du002ddebugX 

    Now navigate to ADMIN u003e SYSTEM SETTINGS u003e PASSWORD ENCRYPTION
    now you may notice the Password Encryption is enabled, Followed to that any new users created in the vicidial the passwords will be encrypted.

  3. Step 3: Encrypting Plain Text Password

    All the users passwords which are created before enabling the Password encryption, will remain as clear plain text ,to encrypt the existing plain text passwords either manually edit them and update or run the below command to convert all the plain text to encrypted text.

    /usr/share/astguiclient/ADMIN_bcrypt_convert.pl u002du002dclear-plaintext-pass
    or
    /usr/share/astguiclient/ADMIN_bcrypt_convert.pl u002du002ddebugX u002du002dupdate-override u002du002dclear-plaintext-pass

How to Reset the Forgotten Password

    If you have forget the admin password , you need to update the password under mysql/mariadb with the hashed password, for non-admin users either you can update the password from admin login or follow the below procedure.

Step 1: Generate the Hash Password

Run the below command from SSH console with the password which you want to set of a user
for example for admin user 6666 i need to set a password as admin123

/srv/www/htdocs/agc/bp.pl u002du002dpass=admin123

The above command will output the HASHED value of admin123 ,copy that proceed to step 2

Step 2: Updating the Mysql user table

once hash password generated run the below mysql command with the password generated in step 1
mysql -p
use asterisk;
UPDATE vicidial_users set pass_hash='kfYvywV959fn09rSZML70wHjjxsaYjm' where user='6666';


Now you can login to the vicidial admin or agent portal with the new password.

Conclusion:

hope you now you able to encrypt the user password of vicidial

Scroll to Top