In Toad for Oracle, session connections are allowed to store passwords, presumably encrypted How can I confirm that this is suitable for federal government security requirements?
Toad is compliant with FIPS 140-2 in the sense that it supports the use of only FIPS 140-2 approved algorithms. Specifically, to encrypt its users’ passwords
it uses AES (Advanced Encryption Standard) with a 256 bit key. The cryptographic library used to provide this functionality is the “Storage Library” from DeepSoftware (www.deepsoftware.com). Toad also includes the SecureBlackbox SSH client (SSHBlackbox) from
Eldos (www.eldos.com), which includes support for the following FIPS 140-2 compliant algorithms: AES 128, AES 256, and 3DES (Triple Data Encryption Standard).
Hope that helps,
Greg
From: vanzandt [mailto:bounce-vanzandt@toadworld.com]
Sent: Wednesday, October 15, 2014 1:36 PM
Subject: [Toad for Oracle - Discussion Forum] User password security
Thread created by vanzandt
In Toad for Oracle, session connections are allowed to store passwords, presumably encrypted How can I confirm that this is suitable for federal government security requirements?
To reply, please reply-all to this email.
Stop receiving emails on this subject.
Or
Unsubscribe from Toad for Oracle - General notifications altogether.
Toad for Oracle - Discussion Forum
Flag
this post as spam/abuse.
Greory, this is great info-something I was looking long time.
Brg
Damir