2 Replies Latest reply: Nov 24, 2012 6:45 PM by Deepak Vadithala RSS

    User and password encryption in odbc string

    Leonardo Raed

      Hi,

       

      Does anybody know wich type of encryption algorithm is used by Qlikview in ODBC strings?

       

      I was reading the reference manual but I didn't found anything.

       

      Thanks.

       

      Leo.

        • Re: User and password encryption in odbc string
          Henric Cronström

          Depends on what you mean...

           

          The XUser and XPassword parameters in the connection string are not encrypted. They are merely scrambled so that it is not possible to read the password when you look at someone else's screen. Obuscation - not encryption.

           

          The credentials are passed to the ODBC driver (on the same computer) in clear text.

           

          The ODBC driver in turn, sends the credentials to the RDBM server. This step can often be properly encrypted, but this is done by the ODBC driver, not by QlikView. So, look in the settings of your ODBC driver or OLEDB provider.

           

          HIC

          • Re: User and password encryption in odbc string
            Deepak Vadithala

            Good question Leonardo. I did some research on this area and found out that QlikView ODBC connection strings are stored in Base64 Scrambling method. As suggested by HIC, you can control ODBC connection string encryption outside QlikView. And you have one more option of using VBScript with ChilkatCrypt2 encryption component. I have not implemented it but this should work.

             

            HIC - Any plans in future versions to add the encryption? Not just ODBC connection string but I'm also concerned about Hidden Script Password...

             

            Thanks in advance.

             

            Cheers,

            DV


            www.QlikShare.com