Skip to main content
Version: On-Premise 3.0

Password Encryption

Password Encryption in Actions Express

Actions Express stores credentials for entities such as devices, activities, sites, and modules. As part of these credentials, password values are securely handled for authentication purposes.

All password values are encrypted and stored in the Actions Express database using the AES-256 encryption algorithm.

AES-256 Encryption Key Management

Key Generation

The encryption key is derived using the PBKDF2 algorithm, based on the following components:

  • Passphrase
  • Salt value
  • Initialization vector (IV)

Key Storage

The generated encryption key is stored in the TBL_Settings database table.

Key Rotation

The encryption key can be rotated using the Actions Express Encryption.exe tool, located in the Engine folder.

  • The tool re-encrypts all sensitive data in a single transaction.
  • Administrator credentials are required to perform key rotation.