PVM vs RDM for password management
Quick question about any differences in the security of password data between Password Vault Manager (PVM) and RDM. We decided to go with RDM as a password management tool in addition to connections manager - it meets all our needs in one package. (Having to use 2 different systems would be a terrible inconvenience and basically untenable.)
I noticed though that the PVM database structure is slightly different - the `data` field is entirely (base64?) encoded in the RVM db but in the RDM db it is just XML with password fields encoded.
Is RVM therefore inherently more secure? Is there an extra layer of protection in RVM?
Please forgive if this answered elsewhere - I did a search but could not find.
All Comments (3)
Hello,
By default, only the passwords are encrypted. Using our "Security Provider" allows you to encrypt that whole XML structure.
PVM is basically a subset of features from RDM, at the DB layer they are exactly the same. Someone must have applied a security provider to your PVM installation.
Best regards,
Maurice
Btw, I'm not suggesting that I think base64 encoding is a layer of security - but that it is making a binary encoded blob (encrypted blob) useable in db.
Wow, fast response.
Thanks. The PVM data is from old trial version. I'll check up the 'security provider' bit. Sounds like something we want on the data in RDM. Thank you!