Toad World® Forums

User password security

In Toad for Oracle, session connections are allowed to store passwords, presumably encrypted How can I confirm that this is suitable for federal government security requirements?

Toad is compliant with FIPS 140-2 in the sense that it supports the use of only FIPS 140-2 approved algorithms. Specifically, to encrypt its users’ passwords
it uses AES (Advanced Encryption Standard) with a 256 bit key. The cryptographic library used to provide this functionality is the “Storage Library” from DeepSoftware (www.deepsoftware.com). Toad also includes the SecureBlackbox SSH client (SSHBlackbox) from
Eldos (www.eldos.com), which includes support for the following FIPS 140-2 compliant algorithms: AES 128, AES 256, and 3DES (Triple Data Encryption Standard).

Hope that helps,

Greg

From: vanzandt [mailto:bounce-vanzandt@toadworld.com]

Sent: Wednesday, October 15, 2014 1:36 PM

To: toadoracle@toadworld.com

Subject: [Toad for Oracle - Discussion Forum] User password security

User password security

Thread created by vanzandt

In Toad for Oracle, session connections are allowed to store passwords, presumably encrypted How can I confirm that this is suitable for federal government security requirements?

To reply, please reply-all to this email.

Stop receiving emails on this subject.

Or
Unsubscribe from Toad for Oracle - General
notifications altogether.

Toad for Oracle - Discussion Forum

Flag
this post as spam/abuse.

Greory, this is great info-something I was looking long time.

Brg

Damir