You wish to understand how PDQ Deploy protects credentials.
PDQ Deploy uses three separate AES-encrypted keys to store password information in the PDQ Deploy database. One key is built into the application, one key is stored in the database, and one key is stored in the registry of the PDQ Deploy console machine.
The key stored in the database and the key stored in the registry of the PDQ Deploy console are generated during the installation of the program and are unique to the PDQ console machine.
Moving a database from one machine to another without the registry key will result in passwords needing to be re-entered.
Additional information is available in our documentation:
PDQ Deploy Database
PDQ Deploy Registry
PDQ Deploy Credentials