John, sorry for the delayed reply to this thread - I've been off-site for a week without easy access to the list. David's response is correct for most situations, but for your original example of encrypting a user-specific password that only they have access to, you should be able to do what you're suggesting. The password that's being encrypted can also be its own encryption key. You won't need to store the key anywhere and if the user forgets it you can just reset the encrypted data to a new value. Pretty simple and elegant solution, IMHO.
-John -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of David Jordan Sent: Monday, September 12, 2011 3:16 PM To: U2 Users List Subject: Re: [U2] ENCRYPT in Universe Hi John I have not played around with the encryption, but to my knowledge this is not the way it works. The password is related to the data encrypted, not to the user, so every user would require the same key for the data. To change the key you need to unencrypt and reencrypt the data. The other option is encryption at rest where the whole database is encrypted. This has been greatly enhanced in Rel11 of UniVerse. Regards David Jordan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of John Thompson Sent: Monday, 12 September 2011 10:35 PM To: U2 Users List Subject: Re: [U2] ENCRYPT in Universe As far as passwords are concerned, I could use their password as the key? That way it would be different every time, and in order for it to be decrypted, they would have to supply the right password, otherwise, they would have to reset it... Is that a decent way of doing it? _______________________________________________ U2-Users mailing list [email protected] http://listserver.u2ug.org/mailman/listinfo/u2-users
