SECURITY


Configuring encryption for ID files
The ID of any Notes client running Notes 8.0 or later can be encrypted using AES. Any ID used with Notes 8.0 or higher benefits from the strong security provided by AES encryption. You must use a Domino 8.0.1 or later server to implement AES for ID file encryption.

The following options are available for ID file encryption:


Perform the following steps to configure ID file encryption:

1. In the Domino Administrator client, create a new Security Settings document, or open an existing one.

2. Click Password Management and in the ID File Encryption Settings section, select one of the following options:

3. Specify the number of iterations for key derivation strength. Key derivation strengthening is a technique used to make it more costly for malicious attackers to guess likely passwords through a brute force dictionary attack. They work by increasing the time it takes to generate a key from a password. The value for this field is the number of times an HMAC algorithm is applied as part of the operation that generates a key from the password. Specifying a larger number for this value increases the duration of each attempt during a dictionary attack. The default setting for this field is 5000, which is acceptable in most environments. Organizations with higher security requirements may wish to specify a higher value.

4. Save the Security Settings document and assign it to a policy, if you have not already done so.

Examples:


Related topics