Encrypted Passwords

thost96

Hey Guys,

it would be very nice, that passwords stored in the config file could be saved encrypted and not in plain text. This should also be an option for plugins like pimatic-fritz.

Is something like this already implemented or planed?

koffienl

@thost96
You would need physical access to the server/raspberry pi and login with a known user/password to get to the config file. Only other option to get to the config is by accessing it from Pimatic. You would need rights (configured it in the roles) and know the password. With read rights to the config, but not knowing the password you will only see xxx as password.
In my opinion there is enough protection for the config?

mwittig

I think it would be better to provide for an option to using a trusted authentication service like we have the forum, for example. This way, you won’t need to store a password.

It should be fairly straightforward to implement using http://passportjs.org/ for example

thost96

@koffienl said:

In my opinion there is enough protection for the config?

Yes, youre right, but it would be a nice security feature.

@mwittig
I think an integration for a system like the forum is nice, but not everybody likes to use e.g. github or any other external service for authentification. Also what do you do, when your internet connection is down? Authentificationto pimatic would then also don’t work.

I would also be nice to have a kind of global authentification, like if you have multiple pi’s running pimatic with the same users.