In my first post about encryption I discussed a solution that was basic. The approach used Spring’s Encryptor classes, one of which, the queryable TextEncryptor, was deprecated due to it being insecure. Since then, I have spent time enhancing other aspects of the platform, as well as kicking off an app based on it.… Read more
Encryption
First and foremost, I am not an encryption expert. I’ll tell you right off the bat that the solution provided before is not the best to use in a production environment. This is because the encryption password is stored in the application.properties file. If someone gets access to the box and they can read the file, they can decrypt our data.… Read more