News? Support?
Just the bookkeeping solution i needed

I've been needing to keep up with my personal finances, but i never got around to it until trying fl...



Depreciable Assets Report now available

Depreciable Assets report now available to flowlog.net members. Please see the full post for further...



*




 

Autonomous Account Encryption simply refers to account data encryption that is completely under the control of the end user.

Laravel (the php framework flowlog is built with), via a third party package, and MariaDB both offer At Rest Encryption which can encrypt & decrypt database contents on the fly, but this uses one shared key, and the key is stored permanently on the server. This is fine when self hosting, because the end user can encrypt their whole hard drive and shut down their computer when away, making the key inaccessible to attackers (assuming no cold boot attack, etc.), but this is less than ideal when hosting in a datacenter, as the server is always running and vulnerable to local human intervention. Also, if there is a global database decryption key on the server, as is used with standard At-Rest Encryption, that could be "requested" by some outside entity. Therefore, every user's account is at risk if one user is a target of an investigation of some kind. While the risk should be low, this vulnerability is just not in line with flowlog.net's requirements.

flowlog.net's Autonomous Account Encryption feature improves upon this situation by generating a unique key for your account that flowlog doesn't permanently store. You save this key, and provide it each time you log in to your flowlog account. flowlog temporarily stores your key in your encrypted session, uses it to decrypt and encrypt your data on the fly, using php's openssl_encrypt() function (which uses the AES-256-CBC cipher), and then destroys the encrypted session (containing it's copy of your key) when you log out or close the browser window. This reduces the time the server has your key, the key is not stored in plain text, and you're not sharing your fate with every other user, via a shared key.

Please read the Details and Warnings page prior to enabling, as this feature may not be suited for every use case.