starred/XG-Management-Helper
1
0
Fork 0
mirror of https://github.com/sophos/XG-Management-Helper.git synced 2026-04-25 23:45:49 +03:00
Code Issues 1 Projects Releases Packages Wiki Activity
Page: file backupKey
Pages
Home Menu Options action add password token action bulk change admin password action capcha check status action capcha vpn disable action capcha vpn enable action check older passwords action install hotfixes action password reset popup check action password reset popup disable action register enable all action register enable reporting action regster enable management action status check edit add edit auto check edit delete selected edit double click edit edit double click open edit set central creds edit trust ssh fingerprint file backupKey file exit file import help about help documentation help report issue help update view application logs view password change logs
1 file backupKey
alantoews edited this page 2020-05-22 15:11:17 -04:00

When the application is first launched it prompts the user to create a password. From this password, a unique encryption key is derived. A second encryption key is generated randomly, which will be used to encrypt all sensitive information stored by the application. This second key is encrypted with the key derived from the password, and stored in the windows registry for later retrieval.

If the password is lost, then the stored key cannot be decrypted, and any sensitive information stored by the application will be inaccessible.

The backup Key option allows admins to backup the key used for data encryption, in case the password is ever lost or forgotten. This backup file should be stored in a safe location, away from the computer this application is stored on, and only returned to the machine temporarily, if it is needed for recovery.

During login, an "forgot / change password" option is presented. If selected, you will be prompted to supply the export file created by the backup function. The user will then be prompted to supply a new password, and the restored key will be encrypted with the new password, instead of the one used previously.