DBeaver Documentation

DOWNLOAD pdf

Project security

Note: This feature is available in Lite, Enterprise, Ultimate and Team editions only.

Table of contents

DBeaver supports local storage for connection secure data. It includes:

  • Database server user credentials
  • SSH tunnel user credentials
  • Proxy user credentials

    • By default, user names and passwords are stored in the credentials-config.json file, encrypted with a DES key. However, this key is not secure as it is publicly available in DBeaver source files, making it possible for unauthorized third parties to decrypt the file using external software. For more secure options, you can read about security options in DBeaver PRO.

    Master password for local configuration

    It is possible to set a Master password for all projects in a local workspace.

    The side effect of this configuration is that you cannot share your connections (with password) between different users because user credentials are stored in a completely separate location, and they are protected by a local user password.

    For more information about Master password, refer to the dedicated article Managing Master Password.

    Use Windows Integration password provider

    You can disable the default password provider and enable a "Windows Integration" provider. This provider does not need a master password but it uses a randomly generated password stored in a local user secure storage (in Windows). This is easier (as you don't need to remember the master password) but less secure (anybody who has access to your Windows user account will have access to DBeaver's stored credentials).

    Project password

    You may specify a password for a project. It will encrypt all the project's configurations with this password. Also, you will be able to share your project settings with other users (you will need to pass the project password as well).

    In order to enable a project password open the project properties. You can do this by:

    • Clicking on main menu File->Project security
    • Clicking on "Configure" icon in the project explorer view toolbar and switching to the Project Security tab
    • Pressing ALT+Enter on a project element in Projects view and switch to Project Security tab

    On the project security page click on the "Set Password" button to enable the project password. Click on Clear to disable it (you will need to enter a current project password to clear it).