JXWorkBench Password Vault

 

The Password vault is a way of securely storing directory passwords between sessions, and is an addition to the template save functionality on the connection window. It comes in two flavours; a convenient, low security version that encrypts passwords automatically, and a high security version where the stored passwords are encrypted using the secure 'Blowfish' cypher and a user provided vault key.



 

Save Password: This 'quick save' option encrypts the passwords locally using a secret key kept by the client. While convenient, this system can be broken by a reasonably skilled cryptographer, and of course is vulnerable if your system is physically compromised (e.g. your laptop is stolen).

 

Lock with Password Vault: This option encrypts all passwords against a 'vault password' provided by the user. While not quite as convenient as the 'quick save' (the vault password must be entered every session) it is far more convenient when working with multiple directories, and is cryptographically secure.

 

Don't Save Password: The password does not have to be saved, and some organisations may insist on passwords being re-entered every time.

 

Activation

 

The passwords are only saved when the template is saved (e.g. the 'save' button under 'use a template' is pressed).