RDPM Database Encryption

Hi,
Do you mean for the attachment or for the sessions?

What i mean are "text sessions"
When we add a web session, say for a switch or ups web interface, we also add a text session (using the plugin) to save the login data.
I noticed that unter advanced there is the option to encrypt the configuration the data source, can you give me some insight in how it is encrypted exactly?

We will be subject of a security audit in Q1 2011. I would be very gratefull for any kind of documentation regarding security aspects of RDPM.

Thank you for your support

Hi,
All the password are encrypted by default with a 256 bits key. When you checked the other setting in the Advanced tab, all the XML is encrypted with another key. This mean that the password are double encrypted. It might be important if you have sensitive data in the description or in the custom field.

Also, since the version 5.9, it's possible with the SQL Server data source to set a security provider (File-Security Provider) and use the Basic Provider. All the data will be encrypted no matter what is set in the Advanced tab. You can also choose to encrypt it with a mix of our key and a passphrase, but be careful to not loose the pass phrase or we will not be able to do anything. (create a backup before you set it and save it at a secure place).

I hope this help a little bit.