Skip to main content

Theme Settings

Layout Style




Encrypting and Handling Passwords in an Enterprise Integration (EI) Project using AngularJS and Appiyo BPM


The defacto choice for UI in present day Enterprise integration projects is AngularJS. Enterprises use AngularJS to provide a consistent look and feel to the user irrespective of the technology that drives the business rules. i.e. if you were a Bank you would have applications from atleast eighteen different vendors each having its own UI. Using AngularJS and an Enterprise Service Bus like Appiyo you can provide a consistent UI across all applications with REST over HTTP

In the course of our work with several Banking and Financial clients we have realised that AngularJS provides a challenge in handling passwords during the login process

Anyone with a stint in server side scripting would tell you that when users enter their credentials on a login page the password field is obscured with an asterix. However when the form is submitted the credentials are transferred un-encrypted. The security is provided at the protocol layer because a submit button automatically triggers a POST request and if you have HTTPS enabled it provides an additional security layer. Once the values are received at the server end the value is compared with the value of the password that is stored in the database (after decrypting it)

However AngularJS provides a challenge, the framework doesn't support any encryption so developers tend to use the atob() to obscure the password. This is incorrect because the atob() function encodes the input it receives and does not encrypt it. So it is possible to arrive at the orginal value by decoding the encoded value

The right method to implement encryption is to use a library like AngularJS Crypto to encrypt passwords and use Crypto JS to decrypt passwords at the server end


Leave a comment

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.

Get the latest in Fintech

Subscribe to our online newspaper dedicated to Financial Technology