The authentication information is stored on disk in a file called Cascade DataHub.auth in the same directory as the Cascade DataHub.cfg configuration file. This is typically in the directory C:\Documents and Settings\User Name\Application Data\Cascade DataHub. Passwords are stored in this file using a reasonably strong non-reversible encryption. If a user forgets his password, it is not recoverable.
When a password is associated with a mirror/tunnel connection, it is stored in a weakly encrypted form on disk, in the Cascade DataHub.cfg file. This is a reversible encryption, so a good security policy would be to deny access to this file to untrusted users.
When a password is transmitted across the network, it is transmitted in plain text. This is necessary to accommodate the variety of clients that could generate an authentication request. If the network is itself insecure, it is advisable to use a VPN (Virtual Private Network) or an SSH tunnel in order to encrypt the network traffic.
Copyright © 1995-2010 by Cogent Real-Time Systems, Inc. All rights reserved.