Integrate with Encrypt for password storage

Created on 9 October 2022, about 2 years ago
Updated 20 September 2024, 3 months ago

Problem/Motivation

As mentioned in Warn the admin that the password for the SMTP server is stored as plain text Needs work , the SMTP authentication password is stored as plain text.

While looking for a solution, I found #3134249: Add Key module dependency to (optionally) store credentials outside the database . The proposed solution however, requires both the Key and Encrypt modules in addition to a patch for Key, Encrypt key value Needs work that has been pending acceptance for 4 years.
Also, this solution isn't compatible with the current config fields and the patch doesn't apply anymore.

Proposed resolution

Therefor, I think it would be better to add password encryption as an option, by directly integrating with Encrypt .

Encrypting the password should be configuration option that can be enabled/disabled.
When enabling encryption, an encryption profile (from Encrypt ) must be selected. Doing so, should either encrypt the current or new password, and vice versa.

Feature request
Status

Needs review

Version

1.0

Component

Code

Created by

🇧🇪Belgium andreasderijcke Antwerpen / Gent

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024