Allow user-controlled encryption keys #1031

Open
paustint opened this issue Oct 10, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@paustint
Contributor

Describe the problem you are trying to solve
As an added layer of security, we could consider allowing generating an org decryption key that only the user controls so that org credentials could not be decrypted without that.

Thoughts:

  1. Allow user to choose "extra encryption"
  2. Generate a key for the user - and tell them to store it in their password manager
  3. We store the key in their browser so the user only needs to enter it when using a new browser session
  4. Upon login, if the orgs are encrypted - ask for the key
  5. If the key is unavailable, then the user would be required to generate a new key and re-connect all of their orgs

Benefits:
Org auth tokens stored in Jetstream's DB would not be able to be decrypted with any encryption keys housed within Jetstream's infrastructure.

@paustint paustint added the enhancement New feature or request label Oct 10, 2024
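
A sketch of steps 2 to 5 from the issue above, added here as an example and not Jetstream's code. It uses Node's built-in `crypto` module with AES-256-GCM as an assumed cipher; the function names, the record fields, and the choice to bind the org id as associated data are all hypothetical.

```javascript
// Added illustration: names and record layout are hypothetical, not Jetstream's code.
const nodeCrypto = require('node:crypto');

// Step 2: generate a 256-bit key that only the user keeps (e.g. in a password manager).
function generateUserKey() {
  return nodeCrypto.randomBytes(32).toString('base64url');
}

// Seal an org auth token with AES-256-GCM under the user's key.
// The org id is bound as associated data so a record cannot be moved to another org.
function encryptOrgToken(userKeyB64, orgId, token) {
  const key = Buffer.from(userKeyB64, 'base64url');
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every record
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(orgId, 'utf8'));
  const ct = Buffer.concat([cipher.update(token, 'utf8'), cipher.final()]);
  // This object is everything the server would store; it holds no key material.
  return {
    orgId,
    iv: iv.toString('base64'),
    ct: ct.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
  };
}

// Step 4: open a record with the key the user supplies.
// Returns null for a wrong key, a malformed key, or a tampered record.
function decryptOrgToken(userKeyB64, record) {
  const key = Buffer.from(userKeyB64, 'base64url');
  if (key.length !== 32) return null;
  try {
    const iv = Buffer.from(record.iv, 'base64');
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
    decipher.setAAD(Buffer.from(record.orgId, 'utf8'));
    decipher.setAuthTag(Buffer.from(record.tag, 'base64'));
    const pt = Buffer.concat([decipher.update(Buffer.from(record.ct, 'base64')), decipher.final()]);
    return pt.toString('utf8');
  } catch {
    return null; // GCM authentication failed
  }
}

// Step 5: after the user generates a replacement key, list the orgs whose
// stored records can no longer be opened and therefore must be re-connected.
function orgsToReconnect(userKeyB64, records) {
  return records.filter((r) => decryptOrgToken(userKeyB64, r) === null).map((r) => r.orgId);
}
```

Because GCM authenticates the ciphertext, a wrong key is detected at decryption time without the server storing any verifier derived from the key.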