By default, system will use strong AES encryption to protect the data.

Administrator can reset the encryption key using the configuration page.





There are two types of keys in eCatalog:

  • Crypto Key, also known as Application Key.
    This key is on application level key. Administrators can change/reset the key as often as he wishes. When changing the key, the existing encrypted data is still readable, using the old key. The new key will be applied to new records.
  • Account Key. 
    The Account key is on server level. If administrator change Account Key, the existing encrypted data can NOT be readable anymore.
    To avoid administrator accidentally change/reset Account Key, administrator has to enter CAPTCHA.
    It is recommended to change Account Key before user start using the system.
    The Account Key is useful when you want the encrypted data from server A, cannot be decrypt-ed on other server.


Reseting Crypto/Application Key is good enough to protect the data.