Secret Server Feature


Secure privileged accounts with strong encryption.

Secret Server password management software uses the Advanced Encryption Standard for encrypting sensitive data.

The challenge

Most of the time, shared passwords are stored in clear text in custom databases, spreadsheets or even shared documents. These are easy targets for attackers and insufficient for many compliance requirements.

Why it's important

Privileged accounts represent some of your most sensitive data. Make sure they are properly protected using advanced encryption standards.

How we solve it

AES 256 bit encryption is the strongest encryption available for password management software. When AES 256 bit encryption is combined with our other security features like an HSM or DoubleLock, it provides unsurpassed security for sensitive enterprise passwords.

In addition to at-rest encryption of Secret data, Secret Server can also be used with SQL Server Transparent Data Encryption (TDE) for further data protection. SSL/TLS can be enforced on all connections to ensure end-to-end encryption.

Additional Information.

Encryption Key

unique for every installation.

Secret Server generates a unique encryption key during installation. This key is encrypted and kept in the encryption.config file or managed by an HSM. The combination of this file and your Secret Server database allows you to reconstitute your system at any point. 

Back up your encryption.config file, database and Secret Server application folder to ensure smooth moving and/or restoring of the application.

Login Password Protection

encryption for every password.

Secret Server hashes and salts local user passwords using a randomly generated salt and the PBKDF2-HMAC-SHA256 hashing algorithm. Active Directory logins authenticate directly to the domain and their passwords are not stored in the Secret Server database.

User Authentication

built-in options to secure and protect

  • Restrict logins to trusted IP Addresses.
  • Set the number of login failures before a user is marked as inactive.
  • Require CAPTCHA on login.
  • Enforce login policy agreement before sign in.
  • Enforce two factor authentication using RADIUS, Google Authenticator, or Duo Security.

How secure is AES 256 bit encryption?

Advanced Encryption Standard.

Governments, the military and banks use 256 bit encryption to protect highly sensitive information; universities use it to protect privileged student data; the healthcare industry uses it to keep patients’ medical records secure. Today, organizations worldwide look to AES to protect themselves from hackers and cyber crime.

If you’re interested in advanced encryption techniques… check out the range of security and compliance solutions Secret Server provides for organizations that need to meet industry security standards.

