Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Libraries & Helpers Obfuscating encryption_key
Obfuscating encryption_key
  • Offline jhob
    Junior Member
  • **
  • Posts: 35
    Threads: 16
    Joined: Apr 2015
    Reputation: 0
#4
09-02-2019, 01:39 AM

Forgot to turn on notifications and only just spotted these replies!

AWS key rotation is something I was considering. I need to put some thought into how I will re-encrypt everything in the database when the key changes if I did go down this path.

Also thanks dave friend for the links, a lot of food for thought in them.

I find encryption/security quite a tricky area to make good decisions on what is the most appropriate strategy for a particular site.

For the site in question, it is IP restricted, has 2FA implemented, MariaDB Data-at-rest encryption as well as the sensitive data encrypted in the database. Probably the weakest link now is if an attacker gained entry via cPanel.
Reply


Messages In This Thread
Obfuscating encryption_key - by jhob - 07-24-2019, 07:58 AM
RE: Obfuscating encryption_key - by dave friend - 07-28-2019, 09:40 AM
RE: Obfuscating encryption_key - by albertleao - 07-28-2019, 07:01 PM
RE: Obfuscating encryption_key - by jhob - 09-02-2019, 01:39 AM



Theme © iAndrew 2016 - Forum software by © MyBB