Security Frequently Asked Questions
Wondering about OpenVPN Connect security and best practices? Refer to these FAQs.
- 1. Is OpenVPN Connect for Windows vulnerable to Heartbleed?
- 2. Why is the save password switch sometimes unavailable?
- 3. Does OpenVPN Connect support the tls-crypt option?
1. | Is OpenVPN Connect for Windows vulnerable to Heartbleed? |
No, OpenVPN Connect for Windows uses the OpenSSL library, which is immune to Heartbleed. | |
2. | Why is the save password switch sometimes unavailable? |
The save password switch on the authentication password field is typically turned on, but you can turn it off by adding the following OpenVPN directive to the profile: setenv ALLOW_PASSWORD_SAVE 0 ImportantThe above directive only applies to the authentication password. The private key password, if it exists, can always be saved. | |
3. | Does OpenVPN Connect support the tls-crypt option? |
Yes, OpenVPN Connect 1.2.5 and newer supports the tls-crypt option. |