Recent Changes - Search:

Categories

How Is The Sensitive PG Profile Data Stored

How is the sensitive PortalGuard profile data stored?

Tags: security

Problem Definition

You are wondering how PortalGuard stores sensitive data a user has input.


Solution

PortalGuard incorporates strong security measures to protect user data. Some sensitive data in the PG user profile is one-way hashed (e.g. challenge answers). Other data that must be retrieved (like the Mobile Authenticator shared key) is encrypted using AES-256. Other things like "last logon" timestamps are in clear-text. It is possible, however, to encrypt all the data at rest using MS SQL Server's "Transparent Data Encryption" feature.

Page last modified on February 29, 2016, at 01:41 PM