Hi,
This document is a bit outdated.
The recent versions of vRealize Orchestrator use a FIPS-compliant Advanced Encryption Standard (AES) with a 256-bit cipher key for encryption of strings. The cipher key is randomly generated and is unique across appliances that are not part of a cluster. All nodes in a cluster share the same cipher key.
Every plug-in that has configuration workflow(s) collects the config information provided by the user and stores it server-side so each node in vRO cluster share the same plug-in configuration. Password fields are automatically encrypted when the configuration is persisted. Plug-ins have access to configuration persister service on Java code level.