Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to re-encrypt secrets #456

Open
jeffpaul opened this issue Sep 9, 2022 · 5 comments
Open

Add ability to re-encrypt secrets #456

jeffpaul opened this issue Sep 9, 2022 · 5 comments
Labels
Help Wanted
Milestone
0.11.0

Comments

@jeffpaul
Copy link
Member

jeffpaul commented Sep 9, 2022

Add a WP CLI command or plugin setting to re-encrypt secrets for all users by supplying the old key and the new key.

More details to be shared.
@jeffpaul jeffpaul added this to the 0.8.0 milestone Sep 9, 2022
@kasparsd kasparsd removed their assignment Sep 9, 2022
@jeffpaul jeffpaul modified the milestones: 0.7.2, 0.8.0 Sep 12, 2022
@calvinalkan
Copy link
Contributor

@jeffpaul Ping me here or in PR's

This needs to be done in batches otherwise you might take down the DB.

@jeffpaul
Copy link
Member Author

@calvinalkan thanks for reaching out on this, if you've got any other technical direction then please share that here (or if you're open to crafting a PR to ensure this is done in batches then please do so and I'll coordinate on getting that reviewed/merged).

@calvinalkan
Copy link
Contributor

Actually, I was thinking it might be better to force reset everything..

An inconvenience is better than a hack.

@calvinalkan
Copy link
Contributor

@jeffpaul

Our library snicco/better-wpdb now has support for batch processing with db locks.

The prerequisite is PHP7.4

@iandunn iandunn mentioned this issue Nov 3, 2022
Closed
20 tasks
@iandunn iandunn mentioned this issue Feb 10, 2023
Closed
@iandunn iandunn mentioned this issue Mar 3, 2023
Open
@iandunn
Copy link
Member

iandunn commented Mar 6, 2023

If we take the approach that I outlined in #389 (comment), then I think the best approach is to give admins these two options to choose from:

  1. Asking users to use a backup code to login, and then setup TOTP again. We could automatically display instructions to the user if they fail login and the admin has added define( 'TWO_FACTOR_ENCRYPTION_KEY_ROTATED', true ) to wp-config.php.
  2. Running a wp-cli command to migrate from the old to the new. The admin would have to define an TWO_FACTOR_ENCRYPTION_KEY__NEW in wp-config. The script would decrypt the usermeta values with the old key, and then encrypt them with the new key. Then the admin would rename TWO_FACTOR_ENCRYPTION_KEY__NEW to TWO_FACTOR_ENCRYPTION_KEY.

@iandunn iandunn modified the milestones: 0.8.0, 0.9.0 Mar 6, 2023
@jeffpaul jeffpaul modified the milestones: 0.9.0, 0.10.0 May 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Help Wanted
Projects
None yet
Milestone
0.11.0
Development

No branches or pull requests
5 participants
@kasparsd @iandunn @georgestephanis @jeffpaul @calvinalkan