Online Help > Overview

Security

Description

 

All passwords stored in the application database are encrypted using a strong encryption algorithm, to the extent that if a user attempts to access the data directly in the database, it will be considered unreadable.

 

If you choose to store passwords locally, Remote Desktop Manager will use the same mechanism used by mstsc.exe (Remote Desktop Manager client),which stores the passwords in the Window Credential repository. Passwords can be retrieved from "User Account" in Windows. It must be noted that the password will not be able to be viewed due to an encryption by Windows. Please refer to Windows Credential Manager for more information.

 

For information regarding storing credentials in a vault, see Credentials Overview.

 

U.S. Federal Government Approved Encryption

 

Our application integrates an Advanced Encryption Standard (AES) algorithm to protect your local files and your sensitive data in the database. A mix of our own private key and a master password (passphrase) is used to create a strong encryption key (256-bit key).

 

This cipher is incredibly secure. AES/Rijndael became effective as a U.S. Federal Government standard and is approved by the National Security Agency (NSA) for top secret information.

 

Tips

 

ShieldWarning48x48

Encryption of data while in transit is offered natively by our cloud services. Whenever you decide to use an on-premise solution, implementing encryption of data in transit must be implemented by using the tools involving your chosen technologies. Most customers that have security concerns already choose one of the supported Advanced Data Sources, follow instructions specific to the chosen solution.

 

ShieldWarning48x48

The encryption is built-in the application and is therefore the same for all copies of the software in circulation. It is imperative that you follow our recommended steps and apply a Security Provider to encrypt not only the passwords, but also all of the connection data that is stored in the data source. This will give you protection over your data at rest, using a key under your exclusive control.

 

 

We recommend you follow these steps to ensure security:

 

Using an Advanced Data Source and granting user access and assigning permissions.

Using encrypted communication with the database when available.

Using the Data Source Settings to control many setting that have an impact on security.

Using the Security Provider to encrypt entries completely instead of just the password.

If using the offline mode, add your own password to add an additional layer of protection to the local cache.

Require a password to launch the application, even require two factor authentication.

If your data source supports it, choose not to save password in the data source, which will prompt for the credential on the first connection.