Sybase IQ and Encrypted Passwords

Question

I have need to use the ENP (Encrypted Password) parameter with Sybase IQ. The documentation has a good reference on how to use it but not how to generate the password ... so how does one generate the encrypted password for use with the ENP connection parameter??

Thanks in advance

Answer 1

hythlodayr is correct - the ODBC administrator creates the ENP parameter instead of the PWD parameter when you check the "encrypt password" checkbox. The iqdsn utility's -pe switch does the same thing if you create your DSNs that way.

The ENP parameter is encrypted using a proprietary encryption algorithm, but it is not a substitute for strong encryption. A determined hacker could probably break it. Any DSN that contains a password, encrypted or not, is a security risk.

Full disclosure: I work for Sybase in SQL Anywhere engineering. SQL Anywhere is the database server used by Sybase IQ.

Answer 2

I'm fairly certain it's when you define the DSN in the ODBC Control Panel--or whatever other utility Sybase provides to define a connection on other platforms. When the DSN is stored in file or the registry, you should see the ENP parameter defined rather than PWD.

And unless there's an asymmetric algorithm involved--with the private key definable by the sa--I wouldn't consider this to be better than obfuscation. That is, lock down the capabilities of the user!