# Password Encryption

To avoid exposure of any sensitive data (like passwords or private keys) in your configuration file (config.yml), you have a choice to encrypt it by using the encryptor tool. The process of encrypting any secret value is as follows:

Make sure you have your agent keys properly downloaded and placed into the conf folder. They are required for encryption.
Run the encryptor tool in your command line.
- For Windows: bin\encryptor.cmd
- For Linux and Mac: bin/encryptor.sh
When prompted, enter your secret value twice.
The script will print an encrypted text. Example:

{encrypted: 'RCVtuGPjJWNqwkFQvhT...'}

Copy and paste the provided text as a value into config.yml. Make sure your value is in a single line. For example, in a database profile:

database:
  sales:
    url: jdbc:postgresql://sales.database:5432/sales
    username: joe
    password: {encrypted: 'RCVtuGPjJWNqwkFQvhT...'}

The encryption is based on your agent's private key. You cannot use encrypted value from one agent inside another agent's configuration. Note that only YAML values can be encrypted (you cannot encrypt YAML property keys).

← On-prem connections Proxy server →

Didn’t find what you are looking for?

Search our resource library View getting started guides, tutorials, training videos, webinars and FAQ Ask our community View questions and answers from other users and Workato experts. File a support ticket File a support ticket for critical issues that require a higher level of support.