Taking care about database credentials can be really important. Database passwords need to be processed without risk of getting lost or shared. At the same time database password should not be asked on each database operation, such kind of password prompts could become annoying for applications constantly interacting with a database. This section describes how the application handles credentials, when passwords are saved or not and when saved passwords are encrypted or not. This can provide you with an understanding of how an application is using credentials and what options can be safe enough and convenient at the same time for your environment.
'Open database(s)' dialog is used to ask you for a database credentials. Once you click OK, these credentials are sitting in the application memory (not on the disk) and used each time you connect to the database. If your application instance already had some other database pair opened and if you have 'Open new application instance' option enabled by default or used during the database open, then your credentials will be passed in the encrypted way as a command line arguments to the new application instance.
When you open a database, database credentials can be saved in the application settings file, this information is used to reopen the database from the Recent database list. If you have chosen 'Save passwords' during the database open, then the encrypted password is saved in the settings file. Otherwise 'recent databases' item will keep only user and password will be asked again when you open the database from the Recent list. If you don't want this information to be stored in the Recent database list then you can remove corresponding Recent databases list item after database open.
Before implementation of 'Recent databases', these files were used to avoid password entry when connecting to the same database multiple times. Today these files still can be used to simplify work with databases. Passwords in that files can be saved explicitly or in an encrypted way. Recent database items for such connection keep only path to ordbs files, without passwords.
Application can accept database passwords by command line, either explicitly if specified by the user, or in an encrypted way if the database is connected using the 'new application instance' option.
Application can accept database connection settings as a connection string. "Open database(s)" dialog has an option "Use connection strings". In this case the corresponding Recent database list item will contain that encrypted connection string..
Last updated: 2023-12-01