Storing Credentials in JAMS and Their Security

Follow

JAMS stores the password and private keys for the JAMS users encrypted in the JAMS database in the UserSecurity table.

JAMS encrypts password and private key information when it is stored in the database. The standard JAMS installation uses a predefined encryption key which is adequate for many sites. 

For additional protection, users can generate a unique encryption key but, if this option is used, you must ensure that the encryption key is properly backed up and secure.

When users generate a unique encryption key, JAMS uses the Rinjndael encryption algorthm to reencrypt all of the password and private key information in the database. 

The generated key is then encrypted and stored using the Windows Data Protection API (DPAPI). The protected key is associated with the user account that the JAMS Server and Scheduler services run under.

Windows Data Protection API

If users would like to generate their own keys to protect their encrypted credential information, please see this reference documentation here:

Managing Encryption Keys

 

 

Have more questions? Submit a request

Comments