: 4582 | 108668 | 12353

Disable the default encryption for new databases 
Use this IdeaSpace to post ideas about the Notes Client.

: -38
: 4
: 42
: Notes Client / Other
: notes
: Mika Heinonen3556 24 Oct 2007
:
: / Email
When you create a new database, the encryption setting defaults to "Medium Encryption for Current Username". It should default to "No Encryption". Many people who are new or not so experienced in Notes don't know that encryption can make all your documents and data lost forever, if you lose your Notes ID. It's a big security risk to use encryption. Encryption also disturbs WinRAR packing ratio a lot, unencrypted databases can be packed much smaller. Also recovery of corrupted databases is much better with unencrypted databases.

Encrypted databases should be used only for sensitive data, like passwords and personnel details. For most databases it makes things only worse, it also slows down performance.



1) Charles Robinson5466 (24 Oct 2007)
File > Preferences > User Preferences > Replication
2) Mika Heinonen3556 (24 Oct 2007)
Ok, that works, but I still think it should be by default off in the preferences. Well, but then again most things are totally wrong by default, so I think it's best to have a policy or a pre-made notes.ini for all users.
3) Tripp Black622 (25 Oct 2007)
In Domino8 the default is now high encryption. Although you find this inconvenient, it is a GREAT feature. No one wants their laptop to be the latest news blurb of the private information loss. You might also want to see if it can be turned off via a Security Settings doc in an explicit or organizational policy.
4) Tripp Black622 (25 Oct 2007)
Oh, I forgot to address your "lost forever" sentence, add ID Recovery (see Administrative help) to your cert.id you use to register new people. It will send an ID file to a mail-in database each time a user is registered, renamed, or recertified. (Very helpful if someone changes their name -- that original id from the original registration is basically useless afterwards. So eitehr use ID recovery, roaming, or client workstation backups to capture the id with the new name.)
5) Mika Heinonen3556 (30 Oct 2007)
Notes 9 will get rid of ID files, then the "lost forever" will be also lost forever. So, Notes 9 will kinda fix this issue.
6) Alan Lepofsky8315 (01 Nov 2007)
Risk or losing an ID file is not a reason to lower security.
7) Richard Schwartz3723 (14 Nov 2007)
The default is settable by administrators using policies. (Desktop Settings - Preferences - Replication - Encrypt Replicas)
8) Craig Wiseman21821 (21 Nov 2007)
I'd think that this is what Policies are for. The default should stay as or be High Encryption.

If you want to change it for your Notes/Domino infrastructure, then use policies:
Desktop Settings -> Preferences -> Replication. This gives you the absolute control you're lookin for, while leaving the 'default/new install environment' secure.
9) Oliver Regelmann4949 (18 Feb 2008)
I think it should distinguish between local replicas and copies. I almost always want a local replica to be encrypted but almost never want this for a local copy.










:
:




Welcome to IdeaJam


You can run IdeaJam™ in your company. It's easy to install, setup and customize. Your employees, partners and customers will immediately see results.

Use IdeaJam to:

  • Collect ideas from employees
  • Solicit feedback and suggestions from employees and customers
  • Run innovation contests and competitions
  • Validate concepts
  • Use the power of "crowd-sourcing" to rank ideas and allow the best ideas to rise to the top

IdeaJam™ works with:

  • IBM Connections
  • IBM Lotus Quickr
  • Blogs and Wikis
  • Websphere Portal
  • Microsoft Sharepoint
  • and other applications.

IdeaJam has an extensive set of widgets and API's that allow you to extend and integrate IdeaJam™ with other applications.

Learn more about IdeaJam >>






IdeaJam developed by

Elguji Software Logo