How to enable Enhanced Account Encryption.

Before enabling EAE, you must prepare the Groundplex nodes. Every Groundplex used in the environment must be configured to use EAE. You can't use EAE if the feature isn't enabled for the environment or if your Groundplex nodes have different keys.

1. Log into your environment and navigate to Admin Manager.
2. From the navigation pane under Security select Account encryption.
3. In the Encryption settings, tab select the Enhanced encryption option.
4. Select the level of sensitivity:
   • High - Encrypts passwords and secret keys.
   • Medium and High - Encrypts usernames, passwords, and secret keys.
   • Low, Medium, and High - Encrypts host name, database names, database URL properties, usernames, passwords, and secret keys.
5. To set a key for the entire environment (Org), select the target public key. Only keys that are available on all nodes are displayed.
6. Confirm the new key. This configuration causes all accounts to be decrypted using the existing keys and then re-encrypted with the newly selected Org-level key.
7. Click Save to apply Enhanced encryption.

It's good practice to rotate the keys periodically.