Update Fernet database value encryption to bcrypt #1683

Open
spwoodcock opened this issue Jul 19, 2024 · 0 comments
Labels

  • devops (Related to deployment or configuration)
  • effort:medium (Likely a day or two)
  • priority:low (Backlog of tasks that will be addressed in time)

spwoodcock commented Jul 19, 2024

Problem

  • We use Python cryptography.Fernet.
  • bcrypt on the database level might be better.

Solution

  • Enable bcrypt encryption on database for odk_token value.
  • Write a migration for converting between Fernet --> bcrypt

Additional context

  • This is good security practice, but is low priority, as the odk_token is not a critical problem if compromised.
  • We can also refresh the odk_token if it is suspected to be compromised.
  • I had already assessed this and decided against it, but feel like it's worth looking into again.
@spwoodcock spwoodcock added priority:low Backlog of tasks that will be addressed in time devops Related to deployment or configuration effort:medium Likely a day or two labels Jul 19, 2024
@spwoodcock spwoodcock added this to the Update production devops milestone Jul 19, 2024