IdeaJam(tm) : Disable the default encryption for new databases

Notes Client / Other: Disable the default encryption for new databases

Wed, 24 Oct 2007 21:03:28 +0000

Author: Mika Heinonen
Tags: notes
Idea:

When you create a new database, the encryption setting defaults to "Medium Encryption for Current Username". It should default to "No Encryption". Many people who are new or not so experienced in Notes don't know that encryption can make all your documents and data lost forever, if you lose your Notes ID. It's a big security risk to use encryption. Encryption also disturbs WinRAR packing ratio a lot, unencrypted databases can be packed much smaller. Also recovery of corrupted databases is much better with unencrypted databases.

Encrypted databases should be used only for sensitive data, like passwords and personnel details. For most databases it makes things only worse, it also slows down performance.

re: Disable the default encryption for new databases

Wed, 24 Oct 2007 22:03:29 +0000

Author: Charles Robinson
Comment:

re: Disable the default encryption for new databases

Wed, 24 Oct 2007 23:51:28 +0000

Author: Mika Heinonen
Comment:

re: Disable the default encryption for new databases

Thu, 25 Oct 2007 01:34:31 +0000

Author: Tripp Black
Comment:

re: Disable the default encryption for new databases

Thu, 25 Oct 2007 01:30:33 +0000

Author: Tripp Black
Comment:

re: Disable the default encryption for new databases

Tue, 30 Oct 2007 18:17:01 +0000

Author: Mika Heinonen
Comment: Notes 9 will get rid of ID files, then the "lost forever" will be also lost forever. So, Notes 9 will kinda fix this issue.

re: Disable the default encryption for new databases

Thu, 01 Nov 2007 02:40:20 +0000

Author: Alan Lepofsky
Comment: Risk or losing an ID file is not a reason to lower security.

re: Disable the default encryption for new databases

Wed, 14 Nov 2007 09:46:27 +0000

Author: Richard Schwartz
Comment: The default is settable by administrators using policies. (Desktop Settings - Preferences - Replication - Encrypt Replicas)

re: Disable the default encryption for new databases

Wed, 21 Nov 2007 17:12:45 +0000

Author: Craig Wiseman
Comment: I'd think that this is what Policies are for. The default should stay as or be High Encryption.

If you want to change it for your Notes/Domino infrastructure, then use policies:
Desktop Settings -> Preferences -> Replication. This gives you the absolute control you're lookin for, while leaving the 'default/new install environment' secure.

re: Disable the default encryption for new databases

Mon, 18 Feb 2008 13:55:49 +0000

Author: Oliver Regelmann
Comment: I think it should distinguish between local replicas and copies. I almost always want a local replica to be encrypted but almost never want this for a local copy.