Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop storing API keys in plaintext #84

Open
fblundun opened this issue Nov 12, 2015 · 3 comments
Open

Stop storing API keys in plaintext #84

fblundun opened this issue Nov 12, 2015 · 3 comments
Assignees
@fblundun
Labels
infosec

Comments

@fblundun
Copy link
Contributor

In case an unauthorized person gets access to a backup of the database or discovers a SQL injection vulnerability, the keys should be hashed. We could investigate using bcrypt.

A lot of security measures (e.g. salt and pepper) seem to exist to protect users who have low-entropy passwords. Since the API keys are already 128-bit UUIDs I don't know whether these measures are necessary. But maybe somebody who knows more about cryptography will put me right.
@fblundun fblundun self-assigned this Nov 12, 2015
@alexanderdean
Copy link
Member

For reference matomo-org/matomo#5728

@fblundun
Copy link
Contributor Author

This answer supports my claim above that protection for our API keys doesn't need to be as sophisticated as protection for a human-generated password.

@alexanderdean
Copy link
Member

What a great answer!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fblundun fblundun

Labels
infosec
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexanderdean @fblundun