Encrypting OTP Secret in the database #15

Closed
blafri opened this issue Oct 17, 2021 · 2 comments

Comments

@blafri

blafri commented Oct 17, 2021

Hey @stas
First off, thanks so much for your work on this project. I want to use it on a small project that I am working on and just wanted to get your thoughts on whether you think it's worthwhile to encrypt the OTP secret/counter in the database.

I know that most of the time, when sensitive information such as one-time-use tokens or passwords is stored in the database, it is usually hashed (I think Devise does this with its reset password links), but that won't be possible with this project as we would need to get the data back, so I was thinking encryption was another option.

I was just thinking that if anyone were to get read access to the database (for example if a database backup was leaked), they would be able to get the secrets/counters for all the users and possibly log in as anyone.

I was thinking I could use a project like lockbox to handle the encryption for me, which should work seamlessly with this project. Do you think this would be worthwhile, or unnecessary and won't really improve anything?

@stas
Owner

stas commented Oct 17, 2021

Thank you @blafri !!!

You're definitely free to use any of the existing solutions to encrypt the secret. Adding the encryption as built-in functionality is a bit out of the scope of this project, but the simplicity and the goal of the project is definitely to leave such flexibility up to the end user.

Personally, if you're on PostgreSQL, I heartily suggest considering:
https://github.com/stas/active_record-pgcrypto

Do you think this would be worthwhile or unnecessary and wont really improve anything.

If you're already encrypting something in the database (which you should, as GDPR and such are a thing nowadays :D), then definitely add the OTP stuff in. At the same time, if the backups were leaked, you'd probably reset the secrets for every user the first thing... 🤷

At the same time, the OTP secret doesn't carry any personal information. Knowing this, it is up to you to make the call on what's best for you and your users here! :)
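The threat blafri describes (a leaked backup exposing every user's OTP secret) and the answer stas gives (encrypt it with a key that lives outside the database, via lockbox, pgcrypto or similar) boil down to one property: the secret must be recoverable by the application but useless to someone holding only the database rows. The following is an added, self-contained Ruby illustration of that property using only the standard library's OpenSSL bindings; it is not code from this project, lockbox or active_record-pgcrypto, and the key, the sample secret and the in-memory "row" are constructed for the demo. It also binds each ciphertext to its user id as AES-GCM associated data, so a ciphertext copied into another user's row fails to decrypt, which is a step beyond what the thread itself discusses.

```ruby
require "openssl"
require "base64"

# Encrypts an OTP secret at rest with AES-256-GCM. Unlike hashing (which is
# what Devise does for reset tokens), the application can still recover the
# plaintext, which an HOTP/TOTP verifier needs; a reader of the database alone
# cannot, because the key is never stored next to the rows.
module OtpSecretVault
  CIPHER  = "aes-256-gcm"
  VERSION = "v1"

  # Constructed demo key (hypothetical). In a real deployment the key comes
  # from ENV, Rails credentials or a KMS, never from the database itself, so a
  # leaked backup alone does not contain it.
  DEMO_KEY = OpenSSL::Digest::SHA256.digest("demo-key-not-for-production")

  # Returns a text blob safe to store in a string column:
  # "v1:<base64 nonce>:<base64 ciphertext>:<base64 tag>".
  # `aad` is authenticated but not encrypted; we pass the row's user id so the
  # blob is bound to exactly one user.
  def self.encrypt(plaintext, key: DEMO_KEY, aad: "")
    cipher = OpenSSL::Cipher.new(CIPHER).encrypt
    cipher.key = key
    nonce = cipher.random_iv          # fresh 12-byte nonce per encryption
    cipher.auth_data = aad
    ciphertext = cipher.update(plaintext) + cipher.final
    [VERSION, nonce, ciphertext, cipher.auth_tag]
      .each_with_index
      .map { |part, i| i.zero? ? part : Base64.strict_encode64(part) }
      .join(":")
  end

  # Inverse of encrypt. Raises OpenSSL::Cipher::CipherError when the key is
  # wrong, the blob was tampered with, or the aad (user id) does not match.
  def self.decrypt(blob, key: DEMO_KEY, aad: "")
    version, nonce, ciphertext, tag = blob.split(":", 4)
    raise ArgumentError, "unsupported blob version #{version.inspect}" unless version == VERSION

    nonce, ciphertext, tag = [nonce, ciphertext, tag].map { |s| Base64.strict_decode64(s) }
    cipher = OpenSSL::Cipher.new(CIPHER).decrypt
    cipher.key = key
    cipher.iv = nonce
    cipher.auth_tag = tag
    cipher.auth_data = aad
    cipher.update(ciphertext) + cipher.final
  end

  # Builds what a users row would look like to anyone reading the database:
  # the id is visible, the OTP secret is ciphertext. (Constructed hash, standing
  # in for an ActiveRecord row.)
  def self.store_row(user_id, otp_secret)
    { id: user_id, otp_secret_ciphertext: encrypt(otp_secret, aad: user_id.to_s) }
  end

  # What the application does at verification time: recover the secret.
  def self.load_secret(row, key: DEMO_KEY)
    decrypt(row[:otp_secret_ciphertext], key: key, aad: row[:id].to_s)
  end

  # True when the row cannot be decrypted under `key`, i.e. what the holder of a
  # leaked backup (or of a ciphertext moved to another user's row) gets.
  def self.unreadable_without_key?(row, key)
    load_secret(row, key: key)
    false
  rescue OpenSSL::Cipher::CipherError
    true
  end
end

if $PROGRAM_NAME == __FILE__
  row = OtpSecretVault.store_row(42, "JBSWY3DPEHPK3PXP") # constructed sample secret
  puts "stored row:       #{row.inspect}"
  puts "app recovers:     #{OtpSecretVault.load_secret(row)}"
  wrong_key = OpenSSL::Digest::SHA256.digest("attacker-guess")
  puts "without the key:  #{OtpSecretVault.unreadable_without_key?(row, wrong_key) ? 'unreadable' : 'READABLE'}"
end
```

The counter blafri mentions can be stored in the same blob, or left in the clear: on its own it is useless without the secret, and the application needs to update it on every successful HOTP verification, which is cheaper if it is not encrypted. Whatever is chosen, the decisive control is where the key lives; if the key were in the same database or the same backup, the encryption would add nothing over stas's observation that a leak is handled by resetting every user's secret anyway.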

@blafri
Author

blafri commented Oct 17, 2021

Hey @stas,
Thanks for the great information!!! I will definitely check out the library you suggested as I am using PostgreSQL.

@blafri blafri closed this as completed Oct 17, 2021