Dremio security for internal/local accounts

For Dremio’s internal/local account authentication, how & where is the password stored in Dremio? Is there any encryption method used to store the password and if yes which method it is being used?

For authentication, passwords are stored hashed using a random salt and a strong key derivation function (PBKDF2 with a large number of iterations). Dremio does not use encryption in that case, as it would mean being able to retrieve the original password.

1 Like