What is "Blowfish"?

Security of sensitive data in your store database is ensured by the Blowfish encryption algorithm. In X-Cart, this algorithm provides two levels of data encryption:

  • Blowfish key-based encryption (used for order details, user passwords and some internal data).
  • Merchant key-based encryption (used for order details).

During installation, X-Cart generates a secret key to help you ensure store security - the Blowfish key. This key gets written to X-Cart's configuration file as the value of the $blowfish_key variable, and, immediately after this key is generated X-Cart begins using this key to encrypt user passwords, order details, and other sensitive information. The same key is used to decipher the encrypted data, so your customers' data stays protected even if a malicious user gains access to your database - provided this user did not get access to the configuration file of your X-Cart installation and your Blowfish key has not been compromised.

  • 7 Users Found This Useful
Was this answer helpful?

Related Articles

How can I edit the welcome text on the home page?

The welcome text displayed on the X-Cart home page along with all other labels and messages used...

How can I upload images for use on X-Cart pages?

The built-in X-Cart WYSIWYG editors don't include an image upload function. They require you to...

How can I change the Blowfish key?

It is quite safe to use X-Cart with the Blowfish key generated during installation; however, if...

I lost my admin password. How do I change or reset it?

If you can log in to your X-Cart admin area using another account, please do so, and reset/modify...

Why is my new Category icon image not visible?

There are many possible causes for this problem. However, the most common is attempting to upload...

Powered by WHMCompleteSolution