01-23-2020, 06:07 PM
(01-23-2020, 05:25 PM)mark_talluto Wrote: Security is essential to everyone. The CanelaDB libraries do not have passwords in them. Also, your user's passwords are not stored locally.
This solution provides the ultimate security for local data. But, it is inconvenient at the same time because we can not decrypt local data without user participation.
There are three solutions that we can offer. I am reasonably sure that we will end up building all three options, so everyone will have what they want. All apps are different and have varying needs.
1. Provide a universal password option. All local data is stored using the same password. The positive is that the local data is encrypted, and you can use a forgot password option that does not require internet access. The negative is that all apps that use this option would have their local data encrypted with the same password.
2. Provide an option where the local data is not encrypted. The positive is that the forgot password option would not need to deal with local data. The negative is that the local data is stored insecurely.
3. Provide an option that relies upon the user password being in the cloud. The database would automatically retrieve the password and decrypt the user's data. The positive is that this is the most secure option. The negative is that it requires internet connectivity.
If anyone wants to chime in, I am curious which options you find interesting.
An improvement to option #1 would be for LCM to generate a unique key for each project. This would remove the need for storing a key in the libraries. Each project would be encrypted with its own key. The key would be fixed, not visible to developers, and could never be changed. This makes option #1 more enticing because it improves its security and allows for easy change password options.