I’ve had to edit some backups that are stored on my Google Drive accounts. Each time I edit the configuration I have to generate a new AuthID. I don’t mind doing that…but it seems “messy”. I presume it’s done so as not to store a security token in the Duplicati database?
Should I delete the old tokens? If so, how do I do that?
For that matter, should I be storing the tokens in my encrypted password manager? Are they needed to do things in the future?
Can you explain the “have to”, and exact test steps including the “Save” button on screen 5 at the end?
The database stores all authentication and encryption information, so it does represent a point to attack.
How we get along with OAuth shows how at least the OAuth tokens are a bit protected by being remote.
OAuth itself provides some protection by not being limited-use compared to a username and password.
It would be good. You can use the AuthID for another backup. If you lose it though, you just make another.
Be sure to save your encryption password, and it’s probably good to stash an Export To File somewhere.
Thanx, very much, for your reply.
However, I’ve abandoned Duplicati in favor of Arq Backup for Windows, which does what I wanted Duplicati in a much more straightforward and easy to configure/use manner.