The settings defined in the Settings -> Security screen should be changed with caution.
SoftSlate Commerce does not store the method of encryption at the time a password or payment information is recorded. This has the following consequences, if you decide to switch the encryption settings after your store has been in operation:
- If you have not been using encryption and you switch the settings to use one- or two-way encryption, the system will treat all passwords, including ones defined previously and stored in plain text, as though they are encrypted. If you have to do this, you should first record the unencrytped passwords offline, and then update the passwords using the Administrator, in the Customers or Administrators area. This will update the customer and adminstrator accounts with the same passwords as before, storing them now in encrypted format.
- Similarly if you have been using two-way encryption for passwords and you switch to no encryption or one-way encryption, none of the previous passwords will be recognized. You should record the passwords offline first, and then update the passwords using the Administrator, in the Customers or Administrators area so they conform to the new encryption style.
- If you have been using one-way encryption for the passwords, there is no way to recover previous passwords if you then decide to switch the encryption settings. Customers and administrators will not be able to log in after making the switch.
- The same issues arise with respect to credit card information. The system will not be able to decrypt credit card numbers correctly if you change the encryption setting, unless you first record the information offline and then update each of the numbers for each order under the Orders area.
![[Note]](images/note.png) | Note |
|---|
The key used for two-way encryption is a file stored on the Web server. The only way to generate this file is through the Installer application. If you need to switch to two-way encryption, but you did not generate the key when you installed SoftSlate Commerce, you need to unlock the Installer tool and run the routine to generate the two-way key. |
