Home > Data Protection > PowerProtect DD Series Appliances > Dell PowerProtect DD Series Appliances: Security > System passphrase
The system uses a passphrase to encrypt the encryption keys, cloud access, secure keys, imported host certificate private keys, and DD Boost token keys. This security configuration enables a system to be transported with encryption keys on the system but without the passphrase being stored on it. If the system is stolen in transit, an attacker cannot easily recover the data.
Data at rest encryption keys depend on this passphrase, so the use of a strong passphrase is mandatory. DDOS supports passphrases up to 254 characters. DDMC only uses a passphrase for imported host certificate private keys.
The passphrase is encrypted and stored in a file on the head unit of the PowerProtect DD appliance. The encryption key that is used to encrypt the passphrase is hard coded.