Password encryption in XML file


Author
Message
Ganguzin
Ganguzin
New Member
New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)
Group: Forum Members
Posts: 7, Visits: 35
I've seen in Macrium 6 password is no more plain-text.
But, I believe it's encrypted with some key hidden in Macrium.  Is it possible to add a master password for better security?

Nick
Nick
Macrium Representative
Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)Macrium Representative (3.3K reputation)
Group: Administrators
Posts: 1.9K, Visits: 11K
@Ganguzin 

Thanks for posting. 

I'm afraid it isn't possible to provide your own decryption key for the XML file. The key to decrypt passwords in the XML is hidden using stenography and the password is encrypted using AES. The XML password needs to be decrypt-able to enable scheduled tasks to run unattended.  Please note that encrypted image files cannot be decrypted without access to the image password. Encryption was added to the XML file storage to prevent those that have access to the XML file and the image file from gaining access easily, however, securing access to the XML file, and where the password is saved/memorized/written down, is ultimately the responsibility of our customers.

For increased security you could:

1. Encrypt the folder containing your XML files using Windows Encrypting File System (EFS). Encrypting with EFS means that only your Windows user account can read the XML contents and perform backups:
http://windows.microsoft.com/en-gb/windows/what-is-encrypting-file-system#1TC=windows-7

2. OR, If you use the password $PROMPT$ then, when the backup runs, you are prompted to enter a backup password. The password isn't saved in the XML, however, using this method you must be available to enter the password when your backups run.


3. OR, use an MSDOS batch file to run your backups and use the parameter -pass "your-password" in the command line to Reflect.exe. This overrides the XML storage. You could then encrypt the batch file using any method you want and decrypt the batch file prior to running the backup. However, you will have the problem of hiding the decryption key for the batch file if you want your backups to run unattended.


Kind Regards

Nick - Macrium Support

Next Webinar


Ganguzin
Ganguzin
New Member
New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)New Member (15 reputation)
Group: Forum Members
Posts: 7, Visits: 35
Nick - 15 June 2015 11:49 PM
@Ganguzin 

Thanks for posting. 

I'm afraid it isn't possible to provide your own decryption key for the XML file. The key to decrypt passwords in the XML is hidden using stenography and the
...


Ok, I didn't ask so much.  Just to know the security level.
I could also save XML files on an external pen drive or use disk encryption.
Thanks & cheers.  G


GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...




Reading This Topic

Login

Explore
Messages
Mentions
Search