Questions and Answers about NSL encryption

Questions and answers about encryption with NSL:

Q - What encryption method is used ?
A- AES or triple DES is used (AES is only available in version 6 and above and requires datastore version 6.0). Please note AES is not available on Win2k machines. This is a Microsoft limitation.

Q - When is data encrypted (at what point in the process) ?
A - When SecureLogin is starting for the first time. SecurLogin also encrypts data when saving SSO data such as credentials, application definitions, and SSO preferences.

Q - Where is it stored on the workstation ?
A- SecureLogin data that is encrypted is stored in a cache file that is stored on the workstation. The cache file location can either reside in a custom location or the appdata folder under the user profile
directory.

Q - Where is it stored in the directory ?
A – On the PROT: SSO attributes of the user object

Q - How is it stored on the workstation ?
A - SecureLogin stores the user's SSO data in a local cache file on the workstation. Please note if SecureLogin is installed on a Windows server, SecureLogin by default will not create/use cache files.

A - How long does it remain on the workstation ?
Q - This depends on what the cache expiry setting which is set on each individual workstation.

Q - How many keys are used in the encryption ?
A - Two keys.

Q - How can the credentials be retrieved and decrypted ?
A - They can't, except by the SecureLogin client as it uses the data.