Voltar
-
Título
Encryption Algorithm Used to Encrypt User Passwords in Active Directory -
Descrição
What is the encryption algorithm used to encrypt a user's password for SSO applications in Active Directory?
-
Resolução
SSOData is encrypted by an SSO key which is always AES 128 - this is not configurable.
In turn, this SSO key is encrypted by the authentication method used:
- In password mode : AES 128 derived from the user password
- In smart card mode: depends on the XML file. In general RSA 1024 or 2048.
As per the release notes, in ESSO 8 Evolution 3:Since build 3646, Evidian E-SSO conforms to FIPS 140-2 standard. By default FIPS mode is not activated. If you want to activate it, you must set the
following registry value:
[HKEY_LOCAL_MACHINE\SOFTWARE\Enatel\WiseGuard\FrameWork\Config] "FIPSMode"=dword:00000001
Restrictions:
- FIPS 140-2 mode is supported on Windows platforms only,
- FIPS 140-2 mode is supported in password mode protection only. -
Solicitação de alteração
37917