System Account Passwords
I was wondering if anyone knows the type of encryption and methodology used to store HPOO system account passwords. When you upudate a system account in central where is it stored and what type of encryption is used. This is audit related
Re: System Account Passwords
System accounts passwords as well as other senitive information in OO is encrypted using the AES algorythm and (by default) a key size of 128. This can be configured for more secure encryption by following the procedure described in the Security and hardening guide about configuring OO to be FIPS 140-2 compliant.
Regarding the storage part the system account passwords are stored encrypted in the OO database. Any updates done to these keys will in turn also be stored in the database encrypted, however these updates will not overwrite the original value that was stored for the system account password.
As a general rule everything that is done from the UI unless actively prompting you to save to the file system will be stored inside the OO database and furthermore any sensitive information (passwords, init strings and information marked as sensitive in flows) will be stored as encrypted.
Hope this helps,