Passwords in connection strings are auto-detected and replaced with
__ENC_PWDn__. Multiple passwords are detected and encrypted. The password is stored encrypted in a separate part of the XML. Existing passwords will not be encrypted until users click off of the tool.
Alteryx makes no guarantee that encrypted passwords are secure.
- Hide: This hides the password using minimal encryption (DES).
- The key to decrypt the password will reside in Alteryx so there is no loss of functionality.
- A copied tool will work on any computer for any user and they will be able to read/write any SQL.
- Analytic Apps and Schedules will be able to use this password.
- We do not recommend using the Hide method when sharing workflows with individuals that you would not want to have access to your credentials.
- Encrypt for Machine: Any user or service on this machine will be able to fully use this workflow.
- Analytic Apps and Schedules (and other services) can use this workflow on this specific machine.
- Implemented by Windows CryptProtectData API with CRYPTPROTECT_LOCAL_MACHINE option.
- Encrypt for User: Only a user with the same logon credential as the user who encrypted the data can decrypt the data. The encryption and decryption must also be done on the same computer. However, a user with a roaming profile can decrypt the data from another computer on the network.
- Analytic Apps and Schedules (and other services) can NOT use this workflow on any machine.
- Implemented by Windows CryptProtectData API.