web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Saving users credentia...
Customer experience | Sales, Customer Insights,...
Unanswered

Saving users credentials inside CRM

(0) ShareShare
ReportReport
Posted on by Mazex 54

Hello,

       I am having a requirement from a client, he is asking to save a username/password in the contact record. Now, I know that if I am installing power portal, it'll save the same info in the contact record.

But, as there is no power portal here, I am doing it directly on CRM? does anyone has a better architecture to achieve this without breaking any security?? Though, the customer has it's own mobile app so they'll query CRM for verification.

Thanks.

I have the same question (0)
  • Guido Preite Profile Picture
    Guido Preite 54,086 Moderator on at

    instead of the password in plain text you should save a salted hashed of the password and use this value as authentication purposes.

  • Gustavo Longo Profile Picture
    Gustavo Longo on at

    hello Mazex,

    Hope you are well and safe.

    The entity attributes that are configured for field-level data encryption are listed in the following table.

    Entity Attribute
    EmailServerProfile IncomingPassword
    EmailServerProfile OutgoingPassword
    Mailbox Password
    Queue EmailPassword
    UserSettings EmailPassword

    Article: docs.microsoft.com/.../field-level-data-encryption

    Regards,

  • Fubar Profile Picture
    Fubar 2,761 on at

    Not recommended but salted hash as per Guido.  Note: if you enter a password into a field in CRM and then hash it, make sure you exclude the field that data is being written into from the Audit History, and from memory I think you also want to do the Hash as a Pre Operation plugin (again trying to limit the exposure of the actual password value), and clear the actual password field.

  • Mazenx1987 Profile Picture
    Mazenx1987 10 on at

    Why its not recommended if Power Portal is using exactly the same architecture?

  • Fubar Profile Picture
    Fubar 2,761 on at

    Not recommended as I am not recommending it but you can do it if you want, and even with the PowerApps Portal Microsoft prefer you not to use the Local Login and use Azure AD B2C or another identity provider instead (like google or facebook etc) - for these there is just a related record against the Contact that holds the identity provider and an identifier (no password hash etc).

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Tom_Gioielli Profile Picture

Tom_Gioielli 73 Super User 2025 Season 2

#2
Gerardo Rentería García Profile Picture

Gerardo Rentería Ga... 43 Most Valuable Professional

#3
Daniyal Khaleel Profile Picture

Daniyal Khaleel 32 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans