Today’s Quick Tip focuses on recovery of lost passphrases for encrypted Disk Safes on CDP 3.0 Enterprise and Advanced editions.
Starting withCDP 3.14, Enterprise and Advanced editions allow you to create encrypted Disk Safes®. With encryption, your data is encrypted on the CDP Agent then transmitted across the network encrypted and stored in the Disk Safe encrypted.
When you create an encrypted Disk Safe you will specify a passphrase. The passphrase is used to encrypt the AES-256 cipher key which is used to actually encrypt your data. The key, encrypted with your passphrase, is stored in the Disk Safe, making it impossible to read your data without the passphrase.
But what happens if you lose or forget your passphrase? CDP 3.0 offers a solution to this dilemma. The key (pun intended) is to store a backup copy of the raw, unencrypted AES-256 cipher key to a secure location of your choice ahead of time.
Having a backup copy of the AES-256 key allows you to replace the lost passphrase. With the key and the new passphrase, you can now access the data on your encrypted disk safe for your customers.
First Save a Backup Copy of your Disk Safe’s Encryption Key Before You Have a Problem:
Follow the steps forDownloading the Disk Safe Encryption Key
Note: you will need your passphrase to save a backup copy of your encryption key
If You Lose Your Passphrase:
Follow the steps forRecovering the Lost Passphraseusing the backup copy of the key you made.