Hot!FortiClient username and password encryption for windows

Author
peter123
New Member
  • Total Posts : 9
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/04/03 08:25:57
  • Status: offline
2020/04/05 17:48:28 (permalink)
0

FortiClient username and password encryption for windows

Hello,
you write the properties for each connections to the registry for windows (see HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\).
 
There are the reg strings DATA1 (username), DATA2 (password) and DATA3. How do you encrypt the password? What is the key? And for what is DATA3?
post edited by peter123 - 2020/04/06 00:33:22
#1

2 Replies Related Threads

    ede_pfau
    Expert Member
    • Total Posts : 6267
    • Scores: 526
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: FortiClient username and password encryption for windows 2020/04/06 00:37:09 (permalink)
    0
    No, you don't.
    At least this is not the way you configure FC. It's precisely what you are asking for that there is the 'official' way of configuring username, password and other detail info.
     
    Storing username and/or password on a mobile device is a no-go anyway. If you let that happen (even for your notebook) you weaken your security a lot.
     
    If you do have to provision configs from the command line, you can create the XML config file which is written in cleartext, and then load or have your users load it into the FC. Here again, this is not the way it's designed - for provisioning and deployment there is the (Windows) EMS.

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #2
    peter123
    New Member
    • Total Posts : 9
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/04/03 08:25:57
    • Status: offline
    Re: FortiClient username and password encryption for windows 2020/04/06 00:52:16 (permalink)
    0
    Hello ede_pfau,
     
    > Storing username and/or password on a mobile device is a no-go anyway. If you let that happen (even for your notebook) you weaken your security a lot.
     
    The FortiClient save the password on your device! See the DATA2 entry. And the key have to be also at the device. So I asking for interests what a cipher they use and what the key is.
     
    It would be better if the FortiClient would use the Protected Storage from Windows actually.
    #3
    Jump to:
    © 2020 APG vNext Commercial Version 5.5