Tokens encryption

The documentation says that token encryption based on PI_ENCFILE and also it’s said that:
“The encryption key can be encrypted with a password”.
Where should I set a password for encryption?
Thanks in Advance.

You would have to read this and a lot more.

This is a bigger puzzle with limited practical gain for an enterprise environment. You need to consider:

  • how you are actually running privacyIDEA and number of processes
  • you need the command line client or manuall use the rest API to set the password
  • and adapt your own processes for managing/restarting the system

I would not recommend to go down this road.

This is far beyond the effort I would put into a community forum.
This would (probably) be my last comment and help on this.