[Enhancement]: Encryption of propfile properties.

[sboshuis]

Is there an existing issue for this?

• [X] I have searched the existing issues

Description of problem

During DNN Connect we discussed the option to add an option to allow a profile property to be saved encrypted to db.

Description of solution

During the summer break I will try to do the work in DNN. I have some questions and remarks I hope you all can give your oppinion on.

Description of alternatives considered

• Add extra types? Or add option to encrypt on top. (I prefer the extra option)
• Extra attention to basic properties e.g. for view vw_Users
• Or only allow encryption on custom added properties?
• Use same encryption like SMTPPassword in hostsettings
• Think about changing encryption keys (via iis?)
• Test if when property is deleted the values in userproperties are also deleted and not autolinked if re-created after delete.
• Prevent removing encryption yes/no?
• should there be a site setting to set what roles should be able to see the decrypted values? << this one seems out of scope. and has big consequenses on api.

Also we need to think about custom modules. When they use the api things will be allright, but if they use sql to get profile prop values (e.g. SP) they will get encrypted string.

Anything else?

No response

Do you be plan to contribute code for this enhancement?

• [X] Yes

Would you be interested in sponsoring this enhancement?

• [ ] Yes

Code of Conduct

• [X] I agree to follow this project's Code of Conduct