Skip to main content

Windows Security FAQs

Wondering about OpenVPN Connect security and best practices? Refer to these FAQs.

No, OpenVPN Connect uses the OpenSSL library, which is immune to Heartbleed.

The save password switch on the authentication password field is typically turned on, but you can turn it off by adding the following OpenVPN directive to the profile:

setenv ALLOW_PASSWORD_SAVE 0

Important

The above directive only applies to the user authentication password. The private key password, if it exists, can always be saved.

Yes, OpenVPN Connect includes support the the tls-crypt option in recent versions.