Method of encryption for uaencrypt.exe

I've been asked by the security team how the username/password is encrypted by uaencrypt.exe.

I can see on the docs how to run the tool to encrypt the passwords - but not what type of encryption is used.

Does it use AES256 encryption?


  • 1
    Dominik Britz

    Hi Daniel,

    When uberAgent's username encryption is on, the user names are encrypted in a simple way. The aim is to achieve obfuscation and high speed. Last but not least the encryption should be reversible (symmetrical). The encrypted username can be translated to a plain username with a separate tool. So it is not very strong encryption, but good enough for most use cases.

    If you need stronger encryption please have a look at what Splunk can do at index time: https://docs.splunk.com/Documentation/Splunk/latest/Data/Anonymizedata

  • 0
    Daniel Spavin

    Thanks Dominik,

    Does this also apply to the password setting in the CitrixADC_config stanza?


    I.E it's obfuscated rather than AES256 encrypted?

  • 0
    Dominik Britz

    You're welcome. Yes, this also applies to the CitrixADC_config stanza. Note that uberAgent only needs read permissions for ADCs.

Please sign in to leave a comment.