Database encryption uses a public-key algorithm. Encryption generates a random encryption key, encrypts this key with the public key associated with a specific user ID, and appends the resulting key to the specified database. A user can access an encrypted database only if the user's private key can decrypt the appended key. It is a good idea to encrypt local databases if they are stored on a portable computer, or if you share your computer with other users.
You can also use local encryption to encrypt databases on a server with the server ID. Then, only those Domino administrators with access to the server ID can read the database.
Note When a user copies a database, the data remains encrypted -- even if the database is copied at the operating system level. The encrypted data is also safe from access by API programs.
Use the local encryption option from the Database Properties box to encrypt databases on a workstation with a database owner's user ID, and to encrypt databases on a server with a server ID. To encrypt a local database after the initial creation of the database or replica, you or the server administrator must first compact the database.
Encryption levels
When you encrypt a database, you must select one of the following encryption levels: simple, medium, or strong. The stronger the encryption, the longer it takes to open a database.
See Also