Thank you for replying. However, we are not the system of record for the passwords. From the custom auth provider we call an external api to provide the authentication so we dont store the passwords in the ofuser table. Are you saying you can only select AES encryption if you are storing passwords on openfire’s external mysql database?