Sitemap

Encrypt Your Database

Share KeePass Passwords with your Team of multiple users

By default the Pleasant Password Server built-in SQLite database is encrypted.

For an alternate database, be sure to follow the steps or links below to configure the encryption for your alternate database (i.e. PostgreSQL, SQL Server, Azure). Below are encryption alternatives you may consider.

SQLite

  • Encrypted by default.

PostgreSQL

  • TDE Encryption: 

    • A TDE Encryption database download is available from 3rd Party solutions (see below).

    • It is not yet implemented by default into the PostgreSQL core, and will be installed as a database version. 

  • 3rd-Party Solutions:

MSSQL

MSSQL database encryption is supported, including the High-Availability option: "Always On" Availability Groups.

  • TDE Encryption: 

    • Fully Supported. Below are steps to apply and revert transparent encryption to the whole database.
    • TDE Encryption Setup Steps    (Versions: 2008-2019 Available in select editions)
  • 3rd-Party Solutions:

  • Column-Level Encryption ("Always Encryption"):

    • Not Supported. This encryption model would not facilitate convenient handling of application searches and so has not been included

Azure SQL

Paid subscription model, includes TDE encryption by default.

Third-Party Encryption Solutions

Please Note:

  • Pleasant Solutions has provided this information as a convenience to you, but does does not officially recommend Third-Party provider solutions. Pleasant Solutions has not audited and does not control or manage these products and cannot confirm the quality or safety of using these listed.

Database Patches

The following companies offer TDE (transparent database encryption) solutions

MS-SQL / PostgreSQL:

MS-SQL (only):

PostgreSQL (only):

Cloud Database Encryption

Major Cloud Providers provide TDE Encrypted volumes (eg. Azure DB, MS-SQL, PostgreSQL) which often have the added feature of being a scalable database, that let's you scale up the size and service as the database needs grow.

Example:

  • AWS,
  • Azure,
  • GCP

System Volumes

The following companies offer disk/volume encryption:

  • BitLocker (by Microsoft): included in some windows versions

  • BestCrypt (by Jetico)

  • dm-crypt (for Linux)
  • LUKS (for Linux)

Hardware Security Module (HSM)

The following companies offer a hardware module that might be used to provide TDE encryption for databases, etc.