Encrypted Pages

[changchichung]

For Feature Requests

Desired Feature: encrypt page

is that possible to add a encrypt page in bookstack ? open page needs enter password or just encrypt the content ?

[Shackelford-Arden]

Out of curiosity, what is the use case you have in mind? what is the intent of encrypting in this way as opposed to simply using the built in permissions to properly hide/secure the page?

[mendiromania]

displaying it to the guests that you would give the password to I guess

[lithium-ap]

I have also been thinking how to pose this question or address feasibility. For my use I've been using this to document environments that occasionally have sensitive information. At the moment I do not store sensitive data.

I dont think encrypting the entire page is something i'm interested in, but more of specific content. Maybe this could be done with a special control or text box that allows the data to be obfuscated and stored in hashed in the DB

Not too sure how far outside of scope this would be either- I've considered contracting to implement and then offer for merge.

[Shackelford-Arden]

Would it not be sufficient to simply is the built in permissions to simply hide the pages from those who don't need them?

[lithium-ap]

No, not if you desire some of the data to be obfuscated; also the aspect of storing hashed in the database.

[ssddanbrown]

This is an interesting feature. Obviously the content would not be searchable, And you'd need to provide the password to edit the content.

[aljawaid]

Would be nice for admins to be able to hide/show/restrict content base don the user's account password.

For business case, this means that the manager can create a single document but password-protect certain pics/paragraphs to senior staff only so the juniors can't see.

Restricting by user name or all would be good options. Then globally set a password per book/page/chapter for 'anyone' to view the content.

[KyferEz]

This is a VERY important feature for HIPPA and GDPR considerations.

It would also enable the possibility of storing passwords in the system which would make it a FAR more useful system for system administrators wanting to maintain documentation for their clients.

[tmikaeld]

Which is exactly what I use it for, sysadmin docs. (With no sensitive information yet though)

I'm thinking, maybe use the same encryption as is used in Lastpass and Bitwarden (Open source)? This would certainly be secure, considering the implications of their encryption not being good enough.

[nullquery]

Running into this as well. Lack of encrypted pages makes it difficult to comply with ISO certifications. Currently, they would end up plaintext in a MySQL data file. Not ideal.

[guenth]

I would like to be able to encrypt at least "fields" in a page. That way the page could be searchable, but say the specific contents in a command would not. I still probably wouldn't put actual passwords in there, but sometimes it is desirable to obscure things like db structure or even user name lists.

[ghost]

This would be easily implemented with OpenPGP (or similar) client-side encryption using user account-linked public keys and a symmetric key per page or book. You can then rely on Subresource Integrity (SRI) and potentially user-side attestation of the libraries (or rely on standardized browser crypto) to deter server-side malicious tampering with the crypto.

[kaspwip]

BookStack is publicly hosted and it would be great, if necessary, to be able to encrypt and decrypt at the browser level (JavaScript)

[fklappan]

Did you already schedule this feature request? I would love to see the feature come to life!

Maybe some additional background: I use BookStack only for myself. So I would use the feature for some kind of "journal" or "private notes".

[wxrl]

Would love to have this feature to encrypt pages! Independent password required every time visiting the protected pages even for the owner as well as for those who can view.

[the-infrequency]

+1 Using this as an internal wiki, but have some information that we (temporarily) store that would be best to encrypt.

[FeIix]

The "Security and Encryption" extension for confluence has a nice way to do this, you can hide any content behind a button and give access permission to specific users or groups. It's integrated in the toolbar, like spoilers or code blocks. Really useful to store / share passwords, especially the Copy button

[DrMxrcy]

+1 For this. Would be great for Internal Wikis

[SonGokussj4]

Wow, this would be so cool. (and have the password categorized like in settings - "IT Admins" - set password, "Department X" - set password and so on.

[MepLab]

+1 - Would be very usefull for me :)

[42bios]

+1 this would be a great feature!

[larissa-pereira]

+1 necessary for GDPR

[mieszkou]

+1

[Szwendacz99]

Would be great, and make you feel safer when hosting instance that is open to world, and you would like to store there a bit of sensitive information too. Currently for such usecase (very sensitive notes) I rather use separate tool. I am not sure, but basic server-side encryption with password should be relatively easy to do?

[xKugeki]

+1 this feature would be awesome :)

[Mindpsy]

+1 this would be a great feature! Please to release it!

[JesusRedGar]

yes, this would be very desirable to have

[otherjoel]

My $0.02: Sensitive information and credentials should be stored, shared and protected using tools designed for that purpose, not in a documentation tool.

In particular, if you believe your envisioned use of Bookstack without this feature would put you afoul of HIPAA or ISO considerations, you either don’t understand those frameworks or you have bigger problems.

[Szwendacz99]

My $0.02: Sensitive information and credentials should be stored, shared and protected using tools designed for that purpose, not in a documentation tool.

In particular, if you believe your envisioned use of Bookstack without this feature would put you afoul of HIPAA or ISO considerations, you either don’t understand those frameworks or you have bigger problems.

You start talking about your case and somehow end up summarising my use of Bookstack.

Also, If something is worth hiding behind a password, I think it is worth encrypting, if that is not a trouble.

[FeIix]

In some case yes, in others no. I think the users should be able to decide if it's too sentitive or dangerous, or more practical for their project to have everything in the same tool.

[exnerit]

i am thinking about inserting access data as a link to e.g. 1password or keeper datasets. it might be an approach? yes you have to go back into another system. But i think that sensitive data is better stored in something like 1password or keeper. Maybe you can develop a functionality that recognizes such links and inserts them nicely formatted into the document?

[Mindpsy]

I think this is quite a demanded and appropriate function for such a project. For example, Evernote provides such a feature to its users. Because any information can be sensitive. And encrypting the contents of a specific page or certain sections of the page using a password, which is a fully justified way to additionally protect data. Even if the main tasks of the system are different.

[jacrook]

Hello, I'm wondering if this is still on the roadmap. I'm enjoying transferring my documentation, and this feature would enable full adoption.

Thank you

[ssddanbrown]

@jacrook This was never on the roadmap to be honest. Not that I'd never consider this, but I don't plan a roadmap that far out. From my view, this would introduce trade-offs & complexities, while encouraging a use we're not targeting nor suited for (passwords, secrets etc...).

For one-off/within-page encryption, it might be possible to hack something in on an instance via custom JavaScript (since it can all be client side).

For general instance wide encryption at rest, it might be possible to enable this at the database level but I have little experience in this personally and it's not something I've tested with BookStack.

[ZicPL]

@ssddanbrown In my opinion, your application is the best in its category. It was only a matter of time before such a request was made, and it is not without merit.

Background: Your application is so well-developed and very popular that your users need to focus on security instead of new features.

Security Considerations: You are faced with a choice of what to officially announce. Should you withdraw your application's security support for confidential information or should you take your security policy to a higher level.

Understanding the needs and Proposed Solution: Users asked you to encrypt selected or all application content. The point of encrypting the entire content of your application has been disproved by the users themselves. Exist dedicated apps for this. The point of encrypting selected content (e.g. a specific book) has been confirmed by everyone. I have the impression that choosing the encryption method for this need scared you (new undiscovered lands). Unnecessarily. I identified the request as like as .zip file encryption, i.e. there are no keys/secrets etc. on the server. Following this line of thought, Users asked you for "Private Mode" for selected content. Don't waste time thinking about what should be encrypted because the users who asked you don't know themselves. Let's focus on the encrypted book. When deciding to encrypt a specific book, the User should confirm that they understand that:

1. The content of the book is excluded from global search (only the name is publicly available)
2. The book is exported from the Database to a password-protected file and removed from the Database.
3. Losing the password means losing the book (nothing is stored locally except the encrypted book.
4. Created templates in "private mode" are available only within this book. Another encrypted book or an unencrypted book will not see the template.
5. Slowing down the application interaction when working with an encrypted resource is natural and depends on the server's performance.

Hidden dangerous: For my part, I would like to note that no user has written a use case that I have witnessed. The server administrator is not the same person as the application administrator. The server administrator, having full control over the device and system, committed a crime - without details, separating and encrypting the book from everyone is the subject of this discussion. The encrypted file can only be cracked using the BruteForce method

Conclusion: I understand that the pressure regarding data security in "Bookstack" is high, but this is evidence confirming the success of your application, in which public trust is only growing. Understanding the need (which I helped you with) will allow your application to meet expectations and rise to the top of the rankings.

I hope that my message is understandable to you and will allow me to receive a definitive answer from you whether you will implement: separating and encrypting the book. Bookstack is a great app and you've done an amazing job. I look forward to your continuing to develop it.

[ssddanbrown]

@ZicPL

Bookstack is a great app and you've done an amazing job. I look forward to your continuing to develop it.

Thanks!

I hope that my message is understandable to you and will allow me to receive a definitive answer from you whether you will implement: separating and encrypting the book.

If you need a definitive answer, assume the answer is no. That's not to say I'm dismissing the idea of this being implemented in some way in the future, but I can't provide any definitives on that.

Understanding the need (which I helped you with) will allow your application to meet expectations and rise to the top of the rankings.

I generally don't target rankings or expectations when it comes to deciding on features to support/implement, I prefer to focus on existing user & audience balanced to scope & maintenance/support burden.

[ZicPL]

@ssddanbrown Thank You for Your clear response. I acknowledge Your priorities and respect Your decision. I began utilizing your application several days ago and I'm pleased with its. My participation in this discussion stems from concerns about the potential access of device administrators to the data stored within your application. Let me explain: I've entrusted Your application with my personal data, including financial, academic, and entertainment information, without hesitation. However, I couldn't store sensitive medical data within Your app due to privacy concerns (sever admins). While this data isn't typically classified as confidential in the same manner as passwords or company plans, I felt a heightened sense of security was necessary. My local computer is a testing environment (no store essential data), and I don't possess a Network Attached Storage (NAS) device. Storing encrypted medical data in the cloud could be a viable solution, but it presents logistical challenges, such as:

1. Downloading and extracting the encrypted file.
2. Accessing the decrypted data using a secure device or program.
3. Ensuring the device has the necessary decryption tools and software.

In the context of this discussion's protected book by password, Bookstack could streamline the process by allowing me to conveniently use my personal resources. Anyway, I hope for Your "Yes" answer in the future :)

[Vennesaa]

@ZicPL The ability to encrypt a book with a password not stored in the application sounds lovely. As a DevOps, I've access to server applications and would never rummage through other people's garbage - it's unethical. I didn't write this as me, a woman, or an IT worker, but as a human being. True, I can't speak for everyone, but I can confirm that a server administrator with programming skills has full visibility of what you have on the server. Privacy certainly suffers because of this. Privately, I always stored my sensitive data on my NAS, but recently I've been struggling with frequent moves and also plan to store some important files for me in the cloud. That's how I'm here and I confirm that your proposal to make Bookstack friendly for private notes is spot on.