Hi @Shaokat credentials are stored in the Veeam B&R configuration database and are encrypted with the machine-specific key.

The store is in the database.

If you are on the backup server, and you are logged in as an admin, you can decrypt every password.

Therefore, the backup server needs to be protected from any thread.

Example:

https://forums.veeam.com/post329685.html#p329685

And when you talk about recovery. The credentials stored in the SQL db are included in the VBR config Backup when it's encrypted and thus will be restored together with the rest of the config on a config restore.

one of my customer want to know about this. if any of an access my Credentials from database where my Credentials security? 

There are accessible from everyone with admin permission on the backup server. Hackers and Insiders.

They can get all the passwords if they want in plain text after they decrypt them with the machine key.

As @Mildur said, yes if you can access to server you can.

Check this, maybe can help you:

https://forums.veeam.com/powershell-f26/pull-credentials-from-sql-database-t18467.html

whoami

root

The two lines that define the end of games and IT security 

@Shaokat have you solved?

my 2 cents here:

As already been said: it is essential to keep VBR server one of the the safest place in you network! When a bad guy enters the server, he has access to any credential stored in DB like:

• vCenter user
• Storage admin-accounts - most vendors just support admin-users when it comes to storage integration
• Windows backup user(s)
• probably privileged Linux user(s)

Good news: if you use single-use credentials for Hardened Repo server, at least this credential is not stored in DB!