How to encrypt and decrypt personally identifiable information?

y2kbug · July 19, 2023, 2:45am

System Information

Strapi Version: 4.11.4
Operating System: Ubuntu 22.04
Database: MySQL 8
Node Version: 18
NPM Version:
Yarn Version:

Recently I am request to add encryption to fields containing PII.
It seems to be required by some kinds of law.
The PII has to be encrypted when saving into database, and decrypted when fetched.

I have tried using “private” attribute and this plugin:

“Private” attribute simply hide the fields in API request, which does no encryption.

The plugin mentioned does encrypt the data, but does not decrypt the data on Admin UI.

Is there any other plugin I can use?
Or could I modify how data is retrieved on Admin UI so I can continue making use of the pulgin metioned?

Thanks.

Boegie19 · July 19, 2023, 4:44pm

most DBs have a way to encrypt them and decrypt the infromation when requested

so this issue can better be solved on the DB layer then on strapis layer

y2kbug · July 20, 2023, 2:41am

Using MySQL as example, as far as I know, encryption is enabled on table level. Since the tables are created by Strapi during installation, I think Strapi should add an option to support this.

For PII encryption, only specific fields are required to be encrypted, I think the plugin mentioned is good enough. The only problem is the encrypted is not visible on admin UI. I am not sure if it is a bug or a design.

Boegie19 · July 20, 2023, 7:22am

strapi has 0 encryption suport