I am the maintainer (loosely said) of the Encrypt module. It aims to provide a pluggable mechanism for doing encryption, as Drupal does not provide this.
It has fallen wayside, but I think it is an extremely valuable concept, and I would love to see it in core (even if not in core, the module and concept can continue in contrib). Imagine the ability to have a #encrypt
option in the form array definitions and data becomes just that much easier to secure. If this could get into core, security could become a much easier and thought about mechanism in our community.
There are some other options for encryption out there as well. Combining and standardizing these efforts would be awesome. The old AES maintainer and I already talked, though we have yet to follow through.
http://drupal.org/project/encrypt
http://drupal.org/project/aes
http://drupal.org/project/cse
http://drupal.org/project/xor_encryption
http://drupal.org/project/encrypt_submissions
Comments
protecting "PII"
Great idea.
I talked to someone at Drupalcon Chicago who used a modified version of either aes.module or encrypt.module and a hacked Drupal core to encrypt e-mail address and a few other profile fields since it is "personally identifiable information."
I'm not sure about encryption api in core, but definitely making it easier for someone to encrypt the e-mail and a field seems good. I imagine encrypting fields is now relatively possible, but e-mails still seem tricky.
knaddison blog | Morris Animal Foundation
I like this idea. I once
I like this idea. I once built an encrypt_fields module, but never contributed it, at least so far. It used the encrypt module as the basis and plugged into fields at the proper times to encrypt and decrypt.