Encrypt / Decrypt Text/Password Fields

This topic has 1 reply, 2 voices, and was last updated 8 months, 3 weeks ago by Peter.

Viewing 2 posts - 1 through 2 (of 2 total)

Author

Posts
July 28, 2024 at 11:12 AM #46031

Mathew Black
Participant

Hello,

im looking for a secure way to save secret keys for external api's.
im thinking using metabox for this ( happy if for suggestions ouside metabox )

ive looked at password field but the docs state "As the password is encrypted in the database, you cannot get the original password via code. There's no reversing function that can turn a password hash into the original one. Otherwise, it will be insecure."

So im looking for options. is it safe/secure with metabox?

TIA

Add New Note to this Reply

July 29, 2024 at 10:54 PM #46043

Peter
Moderator

Hello Mathew,

If you don't want to show or get the raw secret keys, you can use the field password to hash the value and save the hash to the database. It works like a user password or the consumer_key Rest API key of WooCommerce.
Once it is encrypted, it won't be decrypted. You can only use the WP function to check the key.
https://docs.metabox.io/fields/password/

Otherwise, you should use a simple text field to save the key.

Add New Note to this Reply
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.