Problem Statement
The mfa_secret field in the database is currently stored in plaintext. If an attacker gains read access to the database or a backup, they can clone the MFA seeds and bypass 2FA for all users.
Technical Approach
Utilize the existing AES encryption key from the environment config to encrypt the TOTP secret before saving it to PostgreSQL, and decrypt it during MFA verification.
Acceptance Criteria
- mfa_secret is stored as an encrypted binary/base64 string in the database.
- Existing TOTP verification flows seamlessly decrypt the secret in memory.
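
A sketch of the encrypt-on-write and decrypt-on-verify path described under Technical Approach, added here as an example and not taken from the project's code. Assumptions: the mode is AES-256-GCM (the issue only says AES), the user ID is bound as associated data, the function names are hypothetical, and the key and seed in main are constructed demo values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
)

// newAEAD builds AES-256-GCM from the env-config key (GCM is an assumption; the issue only says AES).
func newAEAD(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, fmt.Errorf("mfa key: need 32 bytes, got %d", len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealSecret returns base64(nonce || ciphertext || tag) for the mfa_secret column.
// userID is bound as associated data, so a value copied to another row fails to open.
func sealSecret(aead cipher.AEAD, userID string, seed []byte) (string, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(aead.Seal(nonce, nonce, seed, []byte(userID))), nil
}

// openSecret decrypts in memory during TOTP verification; any tampering is an error.
func openSecret(aead cipher.AEAD, userID, stored string) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(stored)
	n := aead.NonceSize()
	if err != nil || len(raw) < n {
		return nil, fmt.Errorf("mfa_secret: malformed ciphertext")
	}
	return aead.Open(nil, raw[:n], raw[n:], []byte(userID))
}

func main() {
	aead, _ := newAEAD([]byte("0123456789abcdef0123456789abcdef"))         // constructed demo key
	stored, _ := sealSecret(aead, "user-1001", []byte("JBSWY3DPEHPK3PXP")) // constructed seed
	seed, err := openSecret(aead, "user-1001", stored)
	_, swapErr := openSecret(aead, "user-2002", stored) // same ciphertext in another user's row
	fmt.Println(stored, string(seed), err, swapErr)
}
```

Existing plaintext rows would need a one-time migration through sealSecret before the verification path switches to openSecret.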