General encryption settings

The general settings for Encryption 2-Go include the following configuration options:

• Encryption algorithm to be used for encrypted drives

  Select the encryption method to be used here

• Password hash algorithm to be used for encrypted drives

  Select the hash method for the encrypted drives here

• Method to securely delete files

  You can specify which method is used so that data is deleted in a secure way.

• Enforcement of FIPS 140-2 validated cryptography

  If your organization requires you to use FIPS 140-2 certified algorithms, you can configure it here. When you enable FIPS mode, select one of the following two options:

  • Off: Select these settings to also access containers or encrypted drives that have not been encrypted using FIPS 140-2 certified methods. If a user creates a new encrypted container, however, a FIPS 140-2 certified method gets used.

  • On (disable non-FIPS encryption) : Use this option if you need to ensure that only FIPS 140-2 certified procedures can be used for both encryption and decryption. Any container or drive encrypted with non-FIPS 140-2 certified methods cannot be decrypted now.

• Allow quick format of encrypted containers

  To shorten the time needed to create an encrypted container, select the Allow quick format for encrypted containers option. This means that the DriveLock Agent does not encrypt the entire container, but only the required parts.

• Minimum required password complexity for encrypted drives

• Password complexity policy

  A password complexity policy contains all the requirements that a user password must meet when it is created. This contains the minimum number of characters and the number of special characters that a password must contain.