AES content encryption may be enabled using the "Encryption" checkbox located in the upper right of the main window.

Metadata sent to the server, including usernames, passwords, and file paths, are always protected by AES encryption.

When the checkbox is enabled, file data, directory listings, object handler data, and all other transaction contents are encrypted in addition to the request information.  When the checkbox is disabled, only the metadata is encrypted.

Usernames and passwords are always encrypted.

Administrators wishing to ensure that content is always encrypted can do so using either the server's RequireEncrypt option, or by using DropDat to embed a "Require Encryption" setting into ExpeDat Desktop itself.

Using encryption slightly increases the CPU load of both the server and the client computers which may cause a reduction in performance at multigigabit speeds.  On modern CPUs, about one available CPU core is needed to support each gigabit per second of encrypted throughput.

For more information about application security, see Tech Note 0016.