I was thinking the easiest way to use encryption for passwords is to use something like this.
https://github.com/dukejones/pgp
Example
=======
`rake pgp:generate_key_pair`
p = PGP.new('pass')
p.public_key # just to see it
p.encrypt('A very secret string')
pass = PGP.decrypt("encodedString")
The only problem I see is that if someone deletes their keys by accident there would be no way to recover the passwords since they are encrypted with a key that doesn’t exist.
Is there a way to store the key pairs in the database as a backup?
Thoughts?
Corey Osman
corey@logicminds.biz
Green I.T and Datacenter Automation Specialist
If you store both the private key and the encrypted string, there is
almost no value in encrypting it.
But I see no other solution rather than use the ssl certs to sign it
(which might have a bigger impact if you swap ssl certs later on).
Ohad
On Wed, Nov 16, 2011 at 12:54 AM, Corey Osman wrote:
> I was thinking the easiest way to use encryption for passwords is to use
> something like this.
>
> https://github.com/dukejones/pgp
>
> Example
> =======
>
> `rake pgp:generate_key_pair`
>
>
> p = PGP.new('pass')
> p.public_key # just to see it
>
> p.encrypt('A very secret string')
>
> pass = PGP.decrypt("encodedString")
>
> The only problem I see is that if someone deletes their keys by accident
> there would be no way to recover the passwords since they are encrypted with
> a key that doesn't exist.
> Is there a way to store the key pairs in the database as a backup?
> thoughts?
>
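
The trade-off raised in this thread (a key backup stored beside the encrypted string), as an added example that is not part of the original messages and is not the pgp gem's code. It uses Ruby's standard OpenSSL library instead of PGP; the row layout, helper names and passphrase are hypothetical, and the "database row" is a constructed in-memory Hash.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Encrypt with the public half only, as the application would on write.
def encrypt_secret(public_pem, secret)
  OpenSSL::PKey::RSA.new(public_pem).public_encrypt(secret, OAEP)
end

# Build a constructed "database row" holding the ciphertext and a key backup.
# With backup_passphrase nil the private key is stored in the clear;
# otherwise the PEM is wrapped with AES-256-CBC under that passphrase.
def build_row(secret, backup_passphrase = nil)
  key = OpenSSL::PKey::RSA.new(2048)
  private_pem =
    if backup_passphrase
      key.to_pem(OpenSSL::Cipher.new('aes-256-cbc'), backup_passphrase)
    else
      key.to_pem
    end
  { ciphertext: encrypt_secret(key.public_key.to_pem, secret),
    private_key_backup: private_pem }
end

# What a reader of the row alone can recover. A passphrase is always passed
# so OpenSSL never prompts; it is ignored when the PEM is not encrypted.
def recover_from_row(row, passphrase = 'not-the-passphrase')
  key = OpenSSL::PKey::RSA.new(row[:private_key_backup], passphrase)
  key.private_decrypt(row[:ciphertext], OAEP)
rescue OpenSSL::OpenSSLError
  nil # wrong passphrase: the backup cannot be opened
end

if $PROGRAM_NAME == __FILE__
  secret = 'A very secret string'

  # Plain key backup: the row by itself yields the secret.
  puts recover_from_row(build_row(secret)).inspect

  # Wrapped key backup: the row alone yields nothing; the passphrase,
  # kept outside the database, restores access after a lost key file.
  wrapped = build_row(secret, 'kept-outside-the-db')
  puts recover_from_row(wrapped).inspect
  puts recover_from_row(wrapped, 'kept-outside-the-db').inspect
end
```

The wrapped backup only moves the problem to wherever the passphrase is kept, so that location needs its own backup and access control.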