Encrypting Passwords on ODBC DSN
When you install an ODBC driver and create a Data Source Name (DSN) the DSN settings are stored in the registry, including the password. Encrypting passwords on ODBC DSN applies only to Windows systems.
Encrypting passwords on an ODBC data source name (DSN) provides security against unauthorized database access. The password is not encrypted by default and is stored in plain-text.
Password encryption applies only to new or modified ODBC DSNs. If you have a DSN created in Version 8.0 or earlier and upgrade to 8.1, the password does not get encrypted regardless of the encryption settings.
Enable Password Encryption
Use the EncryptPassword parameter to enable or disable password encryption for an ODBC DSN:
EncryptPassword = true
enables password encryptionEncryptPassword = false
(default) disables password encryption
Set EncryptPassword
in the Windows registry - HKEY_LOCAL_MACHINE > Software > Vertica > ODBC > Driver EncryptPassword=<true/false>
.
For 32 bit driver running on 64 bit windows verify password encryption here:
HKEY_LOCAL_MACHINE > Software > Wow6432Node > Vertica > ODBC >
Driver > EncryptPassword=<true/false>
Encrypted passwords get updated in the following registry locations:
For a user DSN:
HKEY_CURRENT_USER-> Software -> ODBC -> ODBC.INI -> DSNNAME -> PWD
For a system DSN:
HKEY_LOCAL_MACHINE-> Software -> ODBC -> ODBC.INI -> DSNNAME -> PWD
Verify Password Encryption
Use Windows Registry editor to determine if password encryption is enabled based on the value of EncryptPassword. Depending on the type of DSN you installed, check the following:
For a user DSN: HKEY_CURRENT_USER > Software > ODBC > ODBC.INI > dsn name > isPasswordEncrypted=<1/0>
For a system DSN: HKEY_LOCAL_MACHINE > Software > ODBC > ODBC.INI > dsn name > isPasswordEncrypted=<1/0>
For each DSN, the value of the isPasswordEncrypted
parameter indicates the status of the password encryption, where 1
indicates an encrypted password and 0
indicates an unencrypted password.