How are Passwords Handled?

DbRhino manages database passwords for your database users and does so securely. Before you are able to add a database to DbRhino, your agent must be setup and running. Your agent automatically generates an RSA private/public keypair and sends the public key to the DbRhino servers. The agent's private key is never exposed. This public key is used to encrypt passwords so that only your agent is ever able to view the plaintext passwords.

There are two times when DbRhino asks for a password:

  1. When you add a database to DbRhino
  2. When a database user has been added to a database

In both of these cases, the password is immediately encrypted using your agent's public key and the plaintext password is then discarded. DbRhino is thus incapable of viewing the plaintext password after this point.