Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature] WebUI should save credentials encrypted at rest #366

Closed
philosowaffle opened this issue Nov 15, 2022 · 0 comments · Fixed by #385
Closed

[Feature] WebUI should save credentials encrypted at rest #366

philosowaffle opened this issue Nov 15, 2022 · 0 comments · Fixed by #385
Assignees
@philosowaffle
Labels
enhancement new feature / improvments WIP
Milestone
3.3.0

Comments

@philosowaffle
Copy link
Owner

philosowaffle commented Nov 15, 2022
edited

Split from #153

See above ticket, when saving/updating credentials (email and password) these values should be encrypted at rest.
This should be backwards compatible/passive change for users.

The encryption Keys will be checked into source control, which is not best practice, even so this will provide a significant security improvement over storing plain text. More is written about this decision in #153
@philosowaffle philosowaffle added the enhancement new feature / improvments label Nov 15, 2022
@philosowaffle philosowaffle added this to the 3.2.0 milestone Nov 15, 2022
@philosowaffle philosowaffle modified the milestones: 3.2.0, 3.3.0 Dec 10, 2022
@philosowaffle philosowaffle self-assigned this Dec 11, 2022
@philosowaffle philosowaffle mentioned this issue Dec 11, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@philosowaffle philosowaffle

Labels
enhancement new feature / improvments WIP
Projects
None yet
Milestone
3.3.0
Development

Successfully merging a pull request may close this issue.

[366] migrate to encrypted credentials at rest philosowaffle/peloton-to-garmin
1 participant
@philosowaffle