Understanding how Keychain is Securely Encrypted

Home Support Keychain Understanding how Keychain is Securely Encrypted

The ITmanager.net Keychain is encrypted on the client side with AES using a hash of the account password. The clients store the encryption key based on the user password and use that decryption key to decrypt the keychain when needed.

The keychain is encrypted using a hash of your username and password.  The password is not stored in any of our systems, we hash and salt your password before storing it so it is impossible for anyone to decrypt the keychain without the password.  Because of this, only your own personal user account can access your own keychain.   If you forget your password and need to reset it, the contents of your keychain will not be accessible and your will need to reset your keychain.  It is possible for you to disable the Keychain feature using a Policy under the ITmanager.net Company Settings and this will require you to enter your credentials every time you attempts to manage a server.   You can also force enable 2FA on your account so that nobody can access the account without entering your 2FA passcode, this is also done under Company Settings.

With the secure keychain, you can quickly access your services without having to enter your credentials each time you login.

The keychain is synced automatically between all your mobile devices and allows you to share your credentials between multiple saved server connections.

The types of credentials supported by the ITmanager.net Keychain include Username & Password (and Domain), AWS keys, SSH private keys, and Google Apps tokens.

You can add as many credentials as you like to your keychain and have the option to name each one.

Still have questions?

Send us an email: support@itmanager.net