After you enable FIPS 140-2 cryptography and complete the steps in the Getting Started wizard, schedule and implement the appropriate procedures in your organization to prepare all stakeholders for the database migration.
The following illustration provides an overview of the database migration milestones using the Password Security Migration Tool.
Web Help Desk 12.4.0 is installed in your deployment.
You scheduled a date to invalidate all tech and client passwords in your current Web Help Desk database stored with weaker cryptography and a date to verify system status using the Audit Tool.
You configured a FIPS 140-2 cryptography provider in your Web Help Desk deployment.
Web Help Desk begins using FIPS 140-2 cryptography for user passwords and a non-FIPS provider for hash attachment links and third-party connection passwords.
All techs and clients are notified to log in to Web Help Desk before your scheduled date.
The Web Help Desk Admin runs the Password Security Migration Tool.
All non-migrated clients and techs using the non-FIPS provider are invalidated. These users are forced to change their password before they can log in and access the application.
All third-party connection passwords are re-encrypted to AES with the FIPS provider.
To prepare for the database migration:
Select a date to invalidate all passwords stored in your current Web Help Desk database stored with weaker cryptography and a date to verify your system status.
Ensure that all clients and techs receive confirmation about the planned migration. Provide a deadline date and ample time for all users to proactively log in to Web Help Desk 12.4.0. If your clients and techs do not log in to Web Help Desk 12.4.0 by the deadline date, they will be forced to change their password after the migration before they can log in and access Web Help Desk.
If you are connected to an external SolarWinds product (such as SolarWinds Network Performance Monitor [NPM], SolarWinds Server and Application Monitor [SAM], or SolarWinds Network Configuration Monitor [NCM] ), record your current configuration settings. All external SolarWinds integration passwords will be updated to FIPS 140-2 cryptography during the database migration.
A list of SolarWinds connections appear.
On a prescheduled date, execute the database compliance tool in Web Help Desk using your administrator password to ensure that all client and tech account passwords are migrated to FIPS 140-2 cryptography. When completed, only the stored client and tech passwords using FIPS 140-2 cryptography are validated.
The tool scans all client and tech account passwords in your Web Help Desk database.
If all clients and techs have logged in to Web Help Desk 12.4.0 before the scheduled date, a message displays stating that your database is now using strong cryptography and is FIPS 140-2 compliant.
If one or more clients or techs have not logged in to Web Help Desk before the scheduled date, Web Help Desk lists the remaining number of client accounts and a list of tech accounts that require a password change. The report will include third-party integration accounts that will be migrated automatically without user intervention.
If you click No and do not invalidate all passwords, Web Help Desk will not erase any passwords from your database that are using weaker cryptography.
The following message displays:
Are you sure you want to erase all passwords that are using weaker cryptography?
Confirm by entering your Admin password below.
When completed, a message displays listing the reset client and tech passwords.
All clients who did not update their passwords are forced to create a new password when they log in to Web Help Desk. Additionally, all future client and tech account passwords will be encrypted using FIPS 140-2 cryptography.
The migration is completed.
All remaining users who did not change their passwords during the notification period must navigate to the Log In page and click Forgot Password to change their password and access Web Help Desk.