Online Help > Commands > Administration > Settings

Security Providers

Description

 

BadgeInfo48x48

This feature requires an Advanced Data Sources.

 

The security provider is available from Administration - Security Provider. The security provider is responsible for encrypting the data in the database.

 

BadgeInfo48x48

Regardless of the security provider you've selected, the passwords are stored in the database are ALWAYS encrypted using AES 256 bit encryption.

 

ShieldNotice48x48

By using a Security Provider, you ensure that nobody can read your entry configuration data, even when people have a direct access to your database(s) or a backup. You should always use this when you use a data source that is not local, especially when using Devolutions Online Database.

 

Settings

 

BadgeInfo48x48

Please note that changing a security provider on a data source with a great number of entries is a lengthy operation.

 

BadgeCaution48x48

Applying a new security provider does process the whole database, therefore we advise you to create a backup prior to this operation.

 

1. Click on Change the security settings to change the security provider.

 

Security Provider

Security Provider

 

2. Select your new security type from the drop down menu.

 

Security Provider

Security Provider

 

Option

Description

None

The session data is not encrypted at all (it will still be encrypted using AES 256 bit encryption).

Basic

All of the data is encrypted in the database, and it's impossible for an external system to access it.

Default

This is the legacy security provider. The data is encrypted if the session configuration is set accordingly in the advanced settings.

Shared passphrase

All of the data is encrypted with a mix of our key, a salt and the pass phrase. This is the most secure encryption, but if the passphrase is lost, there is nothing that can be done to recover the data.

Certificate

See Certificate below for more information.

 

Shared Passphrase

 

BadgeWarning48x48

If the passphrase is lost, there is nothing that can be done to recover the data. Always copy it to a secure location when putting it in place.

 

All of the entries configuration data is encrypted with a mix of key stored in Remote Desktop Manager and the passphrase you've entered. The passphrase is required only when configuring the data source.

 

Certificate

 

If you have chosen Certificate as your Security Provider,  it will encrypt the entry configuration data with a mix of key stored in Remote Desktop Manager and the private key contained in the certificate.

 

Certificate Security Provider

Certificate Security Provider

 

Option

Description

Location

Indicate the certificate location. Select between:

Current user

Local machine

Store

Indicate the store location of the certificate. Select between:

Address book

Authorization root

Certificate authority

Disallowed

My

Root

Trusted people

Trusted publisher

Thumbprint

Select a certificate that already exist to use for the encryption.

 

Create Certificate

 

You can choose to create your own Self Signed certificate by clicking on Create Certificate.

 

Self Signed Certificate

Self Signed Certificate

 

Option

Description

Common name

Name of the certificate.

Key size (bits)

Indicates the key size (bits) of the certificate. Select between:

384

512

1024

2048

4096

8192

16384

Valid from

Starting date of the certificate.

Valid to

Ending date of the certificate.

Save to file (pfx)

Save the certificate into a pfx file and secure this certificate with a password.

Save to certificate store

Indicate the location and the store to save the certificate.