How does Secure Password Administrator encrypt data in the SQL Server database? (NETIQKB49476)

Document ID:7749476
Creation Date:02-Feb-2007
Modified Date:05-Oct-2011
- Micro Focus Products:
  Secure Password Administrator

Environment

Secure Password Administrator 1.0

Situation

How does Secure Password Administrator encrypt data in the SQL Server database?

What type of encoding is used in the SPA database?

How does SPA limit access to critical password information?

Resolution

Secure Password Administrator (SPA) encrypts users' challenge questions and answers. SPA also encrypts password history if you installed hotfix NETIQKB44178. SPA stores the encrypted information using 160-bit Blowfish in one of the tables in the SPA SQL Server database.

For more information about the hotfix, see the NetIQ Knowledge Base article NETIQKB44178: "Secure Password Administrator does not allow for web-based password history or password aging" at https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB44178.

Additional Information

Formerly known as NETIQKB49476