dhis and encryption

Hi,

in 2.16 we have slowly introduced encryption of database content, so far just for the password used for remote data synchronization. We plan to build on this in the near future by encrypting “confidential” attribute values for tracker (person data).

For the encryption/decryption process to work, a password (key) is needed to keep things secure. All you have to do is to set a new property in the hibernate.properties configuration file:

encryption.key = xxxx

where xxxx is the password. Some aspects to take into consideration:

  • The password must not be changed once it has been set and data has been encrypted as existing data can then no longer be decrypted.

  • Keep your password safe - if the password is lost, then data which has been encrypted by the system so far is lost, too.

  • If the database is copied to another server the encryption password must be identical. Otherwise the system will not be able to decrypt existing data.

  • Remember to set a strong password of at least 8 characters with random characters.

  • A system-provided, fixed password will be used if not set in the configuration file; this can however not be considered secure.

These points have been written up in the installation chapter here. It is also mentioned in the upgrade notes.

regards,

Lars
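
A pre-upgrade check built from the points in the announcement above, as an added example (not DHIS 2 code and not part of the original message). The function names and the repeated-character heuristic are assumptions, and the parser handles only simple `key = value` lines, not the full Java properties syntax.

```python
import hmac
import secrets
import string

MIN_LENGTH = 8  # minimum length stated in the announcement

def parse_properties(text):
    """Parse simple 'key = value' or 'key: value' lines; skip blanks and #/! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        sep = min((i for i in (line.find("="), line.find(":")) if i >= 0), default=-1)
        if sep >= 0:
            props[line[:sep].strip()] = line[sep + 1:].strip()
    return props

def audit_encryption_key(text):
    """Return findings for the encryption.key property; an empty list means no finding."""
    key = parse_properties(text).get("encryption.key")
    if not key:
        return ["encryption.key not set: the system-provided fixed password is used"]
    findings = []
    if len(key) < MIN_LENGTH:
        findings.append("encryption.key is shorter than %d characters" % MIN_LENGTH)
    if len(set(key)) <= len(key) // 2:  # assumed heuristic for 'xxxx'-style values
        findings.append("encryption.key is mostly repeated characters")
    return findings

def same_key(text_a, text_b):
    """True if both files hold the same non-empty key; the key itself is never printed."""
    a = parse_properties(text_a).get("encryption.key", "")
    b = parse_properties(text_b).get("encryption.key", "")
    return bool(a) and hmac.compare_digest(a.encode(), b.encode())

def generate_key(length=24):
    """Generate a random password from letters and digits using the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))

if __name__ == "__main__":
    # Constructed sample file content, not taken from a real installation.
    sample = "# constructed sample\nconnection.username = dhis\nencryption.key = xxxx\n"
    print(audit_encryption_key(sample))
```

Run `same_key` on the source and target server's hibernate.properties before starting a copied database, since a mismatch means existing encrypted data cannot be decrypted.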

Hi Lars

Quick question. I see a lot of people are happily upgrading to 2.16 but not so sure everyone has read the note as they should.

If the system is started without an encryption password set and later it is set, what will that mean? I’m guessing there will be no problem unless something has already been encrypted.

What is the system-provided, fixed password? Is it randomly generated or actually fixed somewhere as a string in the Java code?

Bob

On 26 July 2014 17:41, Lars Helge Øverland larshelge@gmail.com wrote:

Hi,

in 2.16 we have slowly introduced encryption of database content, so far just for the password used for remote data synchronization. We plan to build on this in the near future by encrypting “confidential” attribute values for tracker (person data).

For the encryption/decryption process to work, a password (key) is needed to keep things secure. All you have to do is to set a new property in the hibernate.properties configuration file:

encryption.key = xxxx

where xxxx is the password. Some aspects to take into consideration:

  • The password must not be changed once it has been set and data has been encrypted as existing data can then no longer be decrypted.
  • Keep your password safe - if the password is lost, then data which has been encrypted by the system so far is lost, too.
  • If the database is copied to another server the encryption password must be identical. Otherwise the system will not be able to decrypt existing data.
  • Remember to set a strong password of at least 8 characters with random characters.
  • A system-provided, fixed password will be used if not set in the configuration file; this can however not be considered secure.

These points have been written up in the installation chapter here. It is also mentioned in the upgrade notes.

regards,

Lars


Mailing list: https://launchpad.net/~dhis2-devs