
Encrypt (with salt) tokens in datastore

Open snarfed opened this issue 1 year ago • 0 comments

We should encrypt (with salt) the tokens in the datastore, with a static key deployed with the app. Tokens are already encrypted at rest, and this isn't a silver bullet against other attacks, but it defends against SQL injection style attacks that exfiltrate keys through the app itself. (We're not subject to SQL injection since we don't use SQL, but the broader idea still applies.)

snarfed, Jan 19 '24 14:01
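A sketch of the application-level token encryption proposed in this issue, added here as an example and not taken from Bridgy's code. It assumes the third-party `cryptography` package, reads "salt" as a random per-token salt that derives a per-record key from the static app key, and uses hypothetical names (`seal_token`, `open_token`, `entity_id`); the entity id is bound in as associated data so a ciphertext copied onto another record fails to decrypt.

```python
import base64
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

SALT_LEN, NONCE_LEN, TAG_LEN = 16, 12, 16
VERSION = b"\x01"  # format marker so the key or layout can be rotated later


def _record_key(app_key: bytes, salt: bytes) -> bytes:
    """Derive a per-token AES-256 key from the static app key and a random salt."""
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=salt,
                info=b"datastore-token-v1").derive(app_key)


def seal_token(app_key: bytes, entity_id: str, token: str) -> str:
    """Encrypt a token for storage; entity_id is authenticated but not stored."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    ct = AESGCM(_record_key(app_key, salt)).encrypt(
        nonce, token.encode(), entity_id.encode())
    return base64.urlsafe_b64encode(VERSION + salt + nonce + ct).decode()


def open_token(app_key: bytes, entity_id: str, stored: str) -> str:
    """Decrypt a stored token; raises ValueError on tampering, wrong key or entity."""
    blob = base64.urlsafe_b64decode(stored)
    if len(blob) < 1 + SALT_LEN + NONCE_LEN + TAG_LEN or blob[:1] != VERSION:
        raise ValueError("unrecognized token blob")
    salt = blob[1:1 + SALT_LEN]
    nonce = blob[1 + SALT_LEN:1 + SALT_LEN + NONCE_LEN]
    ct = blob[1 + SALT_LEN + NONCE_LEN:]
    try:
        return AESGCM(_record_key(app_key, salt)).decrypt(
            nonce, ct, entity_id.encode()).decode()
    except InvalidTag:
        raise ValueError("token failed authentication") from None
```

The static key has to come from the deployed app's configuration and never be written to the datastore, otherwise a read of the datastore through the app yields both the ciphertext and the key.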