[
https://issues.redhat.com/browse/ELY-1915?page=com.atlassian.jira.plugin....
]
Darran Lofthouse commented on ELY-1915:
---------------------------------------
A while back I think [~dmlloyd] suggested we could back the credential store in a similar
way to how we back our filesystem realm, that could be something to consider - if we were
to do that we could have complete control of how the entries are encrypted.
If we did that I would consider that we look at both symmetric and asymmetric encryption;
one use case I think could be useful is:
1. A DBA creates a new account with password for a server.
2. The DBA encrypts an entry in an agreed format using the public key of the server.
3. The entry is imported into the server's credential store.
4. The server loads the entry from the credential store using its private key to decrypt.
I have seen cases where users use multiple credential stores so one team providing
credentials cannot see the credentials provided by another team.
Anyway that is a bit of a tangent but if we do look to increase the strength of the
encryption I think reviewing the type of the encryption at the same time is worth
considering.
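
The four-step use case above, sketched as an added example; it is not part of the original comment and is not Elytron code. The "agreed format" is an assumption here: a fresh AES-256 key wrapped with RSA-OAEP under the server's public key, the secret encrypted with AES-GCM, and the entry alias bound as associated data so an entry cannot be re-imported under a different alias. The class name, method names, byte layout and sample values are all hypothetical.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;

public class SealedEntryDemo {
    // Assumed entry layout: [2-byte wrapped-key length][wrapped AES key][12-byte IV][ciphertext + tag]
    static Cipher rsa(int mode, Key key) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPPadding");
        c.init(mode, key, new OAEPParameterSpec("SHA-256", "MGF1",
                MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT));
        return c;
    }
    static Cipher gcm(int mode, Key cek, byte[] iv, String alias) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, cek, new GCMParameterSpec(128, iv));
        c.updateAAD(alias.getBytes(StandardCharsets.UTF_8)); // bind the entry to its alias
        return c;
    }
    // Step 2 (DBA): needs only the server's public key.
    static byte[] seal(PublicKey serverKey, String alias, byte[] secret) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey cek = kg.generateKey(); // one-time content key per entry
        byte[] wrapped = rsa(Cipher.WRAP_MODE, serverKey).wrap(cek);
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        byte[] ct = gcm(Cipher.ENCRYPT_MODE, cek, iv, alias).doFinal(secret);
        return ByteBuffer.allocate(2 + wrapped.length + iv.length + ct.length)
                .putShort((short) wrapped.length).put(wrapped).put(iv).put(ct).array();
    }
    // Step 4 (server): only the private key holder can recover the secret.
    static byte[] open(PrivateKey serverKey, String alias, byte[] entry) throws GeneralSecurityException {
        ByteBuffer in = ByteBuffer.wrap(entry);
        byte[] wrapped = new byte[in.getShort() & 0xffff], iv = new byte[12];
        in.get(wrapped).get(iv);
        byte[] ct = new byte[in.remaining()];
        in.get(ct);
        Key cek = rsa(Cipher.UNWRAP_MODE, serverKey).unwrap(wrapped, "AES", Cipher.SECRET_KEY);
        // doFinal throws AEADBadTagException if the entry or its alias was altered.
        return gcm(Cipher.DECRYPT_MODE, cek, iv, alias).doFinal(ct);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(3072);
        KeyPair server = kpg.generateKeyPair(); // stands in for the server's key pair
        byte[] secret = "constructed-sample-secret".getBytes(StandardCharsets.UTF_8);
        byte[] entry = seal(server.getPublic(), "db-account", secret);
        System.out.println(new String(open(server.getPrivate(), "db-account", entry), StandardCharsets.UTF_8));
    }
}
```

Because sealing needs only the public key, the team producing an entry cannot read entries sealed by another team for the same server.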
stronger credential store
-------------------------
Key: ELY-1915
URL: https://issues.redhat.com/browse/ELY-1915
Project: WildFly Elytron
Issue Type: Feature Request
Components: Credential Store
Affects Versions: 1.6.1.Final
Reporter: Hisanobu Okuda
Priority: Major
JCEKS, which is used for the credential store, uses 3DES. A stronger credential store is needed,
based on stronger cryptography like AES256 or more.