Are login credentials encrypted? - over the network connection - in memory - on disk? Client-to-server and Web UI to server?

Highlighted
Hero

Are login credentials encrypted? - over the network connection - in memory - on disk? Client-to-server and Web UI to server?

The Prognosis Client / GUI / thick client authentication is fully encrypted across the wire to the server process irnetrtr. The credentials pass through via an API to the underlying operating system for authentication so it is not stored anywhere in memory or on disk. Hence why we login into the Prognosis Client using a pre-existing Windows account (or Unix or HP NonStop account ).

The Web UI / Web interface authentication goes over the wire via a standard IIS HTTPS connection (HTTPS is encrypted of course) and a Prognosis process irpqlsrv needs to keep track by storing 'login tokens' in memory to avoid storing credentials anywhere.

Note that in addition to encrypted credentials, the Prognosis 11.0 and later versions has FIPS compliant encryption over the Client-to-Server connection. See Online Help for details:
User Interfaces > Windows Client > Server Logon > Server Logon

HTH
Tags (1)
Webinar: Keep the modern workforce connected

Unified Communications has always been an important part of companies' digital transformation efforts due to its ability to enable rich virtual collaboration and communication. But with COVID-19, we've reached a break-through point.

Join Bill Haskins, Sr. Analyst & Partner, Unified Communications at Wainhouse Research, and John Ruthven, CEO at IR discuss UC challenges companies are experiencing due to the COVOID-19 crisis.

Join webinar