Unhashing password credentials

Donny_Ho · May 21, 2023, 10:23pm

I have an application that stores credentials and tokens for our customers. The idea is to have a recurring job that takes these credentials and make external API calls that require Oauth tokens to do so.

As I have understood the Credentials feature is a oneway hash and you can’t unhash the password to get it in plain text after you have hashed it, correct?

If the above tis true, how does one go about to store sensitive information in Fauna if I also have the need to get that data in plain text later? Do have have to encrypt it with a key on my end before I store it in my FaunaDB and when I read it I decrypt it?

ptpaterson · June 27, 2023, 2:41pm

Hi @Donny_Ho and welcome! I am sorry that it took so long to get to your question.

That is correct. Fauna does not store plain text passwords when using our built in authentication (Credentials feature).

That would be our recommendation: encrypt information in your application before storing in Fauna, then decrypt in your application once you read it back.

Donny_Ho · June 28, 2023, 8:35am

Yeah I figured that was the way to go, thanks

ptpaterson · September 26, 2023, 8:35am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Questions about fauna user authentication, ttl and privileges Help authentication , best-practices	5	1276	July 2, 2020
Reset passwords for user database when including External Authentication providers Help authentication	3	425	February 26, 2021
Is the Internal Login system really safe? Help	3	434	May 4, 2021
User authentication - Forgot password flow Help authentication	13	2250	June 4, 2021
Authentication in FaunaDB skeleton repository preview Help authentication	14	1730	June 4, 2021

Unhashing password credentials

Related Topics