Error while decrypting string

0
Hi all, We moved from V6 to V7 and in the process the Encryption module was moved from 1.3.1 to 1.4.1. We have a couple of incidents cropping up where users are unable to sign in due to the error message “Encryption: Error while decrypting string: Cannot decrypt the text because it was either NOT encrypted with a key of length 16 or they key is different”   I have logged in as an admin, changed their password. The user has then signed in and been prompted to enter the password I changed to, along with their new password. They are displayed the generic “contact system admin” error message. The logs display the message above.   I have looked around the forums and seen a few comments around a change in the AES encryption method, moving from CBC to avoid some vulnerability. https://forum.mendix.com/link/questions/90111   One solution I come across was to change the constant for the encryption prefix to {AES2} instead of {AES}. This apparently makes it backwards compatible.  I have tried this and I am still seeing the same issue with a user. In a lower region were this is deployed, I don’t appear to have the same issue, at least I can’t replicate it.   Has anyone else come across this issue and how on earth was it resolved?
asked
1 answers
0

Did you also do this step: It is advised to reencrypt the encrypted data by first decrypting and then encrypting them again (to ensure they are encrypted with the new mechanism).

Regards,

Ronald

 

answered