This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Level of security on user password in iconn.cfg and iconnlocal.cfg

I am currently investigating the method in which we allow users to authenticate against our web update server for Sophos Antivirus, we are currently using Sophos Antivirus 7.6.20.

From the clients perspective I notice that the username and password gets stored locally in clear text in the files, even though the password seems to be altered.

C:\ProgramData\Sophos\AutoUpdate\Config\iconn.cfg

C:\ProgramData\Sophos\AutoUpdate\Config\iconnlocal.cfg

Can you confirm to me what level of level of security is used to secure the password, (Encryption , Hash or Encoding?)

:4231


This thread was automatically locked due to age.
Parents Reply Children
No Data