Unfortunately, without a LOT of over-coding, at some point Duplicati has to rely on the underlying OS for some level of security. However, there are some discussions around issues similar to the one you brought up including:
Hi,
I’m new to Duplicati, and this forum, so pardon me if there’s a better way to post this, but…
I am evaluating Duplicati as my backup solution after losing CrashPlan, and I like the backup functionality, but I am looking to try to improve the reporting (email) capability, so I started experimenting with a post-run script, and in that script I dumped the contents of the DUPLICATI environment variables to a text file. I was shocked to find, not only the backup Passphrase in plain text, but al…
Good evening, I would like to ask a question about Duplicati. If I take it, install Duplicati, configure it to run as a service and configure a password to open it, is there any way for another user or malware to be able to get the passwords registered in a Job, be it data encryption, cloud access or whatever, without entering my Administrator password?
I asked this because I imagined that after putting the password in Settings, the configuration file was somehow encrypted, however this week op…