Encrypting text

There are times when we shouldn't store plain text values in the database. This might apply to sensitive data like bank account and routing number. In those cases, here's what you can do:
  1. 1.
    Install the "Encrypt & Decrypt Text Plugin" by AirDev
  2. 2.
    Enter a secret key (this should be a 256 bit random text) in the Plugins tab
    1. 1.
      Note that previously we didn't recommend that this was a 256 bit random text. However, if the secret key is not truly random, then the security of encryption decreases dramatically. This type of text can be generated by an action from the plugin, which uses node.js' "crypto" library to generate a secure secret key text. (See screenshot below where this workflow is shown.)
  3. 3.
    Whenever a sensitive value is entered, encrypt it using an action and store it in the database
  4. 4.
    Whenever a sensitive value needs to be displayed or used, decrypt it using an action and show it

Hashing instead of encrypting

When working with things like passwords, which need to be saved for authentication purposes but whose actual contents never need to be decoded, they should be hashed instead of encrypted. It is extremely difficult to recover the original text when it has been properly hashed.
For a secure approach to hashing text, use this plugin's "Hash string with salt" workflow.
  1. 1.
    Enter the text to be hashed to the "input string" field.
  2. 2.
    Leave the rest of the fields as-is (unless you have good reason for changing them).
  3. 3.
    Save the results of the hashing operation on some object.
  4. 4.
    To later validate a value against a hashed text, be sure to use the same salt that was used the first time.
How to hash a password and check it later? You can see a demo app of this process here (username/password)
Hashing multiple texts with the same salt can allow for a Rainbow Table Attack, a method of craking a password by comparing precomputed hashes.
And, since more than one text can produce the same hash, it’s not important to know what the original password really was, as long as it produces the same hash.