Search

I want to build a password storage system in Symphony. For obvious reasons this data will be sensitive, so I'd like to encrypt the password and possibly username so they couldn't be easily extracted from the DB or sql dumps. Guessing I'd have to store the encryption key in the config file, which isn't ideal but better than nothing.

Is that the best way to go about it? Is there enough demand for this kind of functionality for it to be an extension? Maybe it would work well as a 'text formatter' extension instead. There should be enough hooks to encrypt/decrypt the data, and that way it could be used with any field type that supports text formatters... Unless I'm missing something.

I've not updated for 2.3 but try this:

https://github.com/nickdunn/encrypted_input

If you need it for 2.3 I'll update and release in the coming weeks. It was developed commercially for Mr Hay but he agreed for the extension to be released for all.

While it's not an extension, #796 may be of interest to you.

Hi,

Is it possible to show the decrypted values in the backend?

Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details