Forum Discussion
Solved
ADFS Clear text password visible
We have integrated ADFS into one of our SharePoint application for authentication. Our internal security team has performed Vulnerability Assessment & found high severity VA point of AD password visi...
I'm not quite sure what the problem is or where the interceptor you mentioned is located.
When user enters credentials in AD FS proxy, they are plain text. But the connection between user's browser and AD FS proxy is SSL secured and so is the connection between AD FS proxy and AD FS server.
I'm not quite sure what the problem is or where the interceptor you mentioned is located.
When user enters credentials in AD FS proxy, they are plain text. But the connection between user's browser and AD FS proxy is SSL secured and so is the connection between AD FS proxy and AD FS server.