While it is currently possible to change the database key by dumping it and reloading with a new key environment variable, this is impossible to do without significant uptime. We really should be better prepared for key rotation, whether in reaction to staff leaving the project or some mandated policy requiring us to change keys every year.
While it is currently possible to change the database key by dumping it and reloading with a new key environment variable, this is impossible to do without significant uptime. We really should be better prepared for key rotation, whether in reaction to staff leaving the project or some mandated policy requiring us to change keys every year.
Luckily, @yozlet has found an excellent primer on how to properly do field-level encryption in Rails projects and easy key rotation that we should probably adopt. This will require some substantial changes to our current database model though:
profiles
and instead join to them in a separate tableprofiles
table (or drop it if not needed anymore)It's a big thing, but it's really good for security and flexibility.