Home Explore Blog CI



docker
2nd chunk of `content/manuals/security/faqs/general.md`
930e30d66ca02d2dc565e1443ed89388b15aad8e87cb0d40000000010000096b
### How does Docker attribute downloads to us and what data is used to classify or verify the user is part of our organization?

Docker Desktop downloads are linked to a specific organization by the user's email containing the customer's domain. Additionally, we use IP addresses to correlate users with organizations.

### How do you attribute that number of downloads to us from IP data if most of our engineers work from home and aren’t allowed to use VPNs?

We attribute users and their IP addresses to domains using 3rd party data enrichment software, where our provider analyzes activity from public and private data sources related to that specific IP address, then uses that activity to identify the domain and map it to the IP address.

Some users authenticate by signing in to Docker Desktop and joining their domain's Docker organization, which allows us to map them with a much higher degree of accuracy and report on direct feature usage for you. We highly encourage you to get your users authenticated so we can provide you with the most accurate data.

### How does Docker distinguish between employee users and contractor users?

Organizations set up in Docker use verified domains and any team member with an email domain other than what's verified is noted as a "Guest" in that organization.

### How long are activity logs available?

Docker provides various types of audit logs and log retention varies. For example, Docker activity logs are available for 90 days. You are responsible for exporting logs or setting up drivers to their own internal systems.

### Can I export a list of all users with their assigned roles and privileges and if so, in what format?

Using the [Export Members](../../admin/organization/members.md#export-members) feature, you can export to CSV a list of your organization's users with role and team information.

### How does Docker Desktop handle and store authentication information?

Docker Desktop utilizes the host operating system's secure key management for handling and storing authentication tokens necessary for authenticating with image registries. On macOS, this is [Keychain](https://support.apple.com/guide/security/keychain-data-protection-secb0694df1a/web); on Windows, this is [Security and Identity API via Wincred](https://learn.microsoft.com/en-us/windows/win32/api/wincred/); and on Linux, this is [Pass](https://www.passwordstore.org/).
Title: Docker User Attribution, Logs, and Authentication
Summary
This section describes how Docker attributes downloads to organizations (using email domains and IP addresses), how it handles IP data when users work from home, how it distinguishes between employee and contractor users, the availability and retention of activity logs, how to export a list of users with their roles, and how Docker Desktop handles and stores authentication information using the host operating system's secure key management (Keychain on macOS, Wincred on Windows, and Pass on Linux).