in reply to Re: OT: Storing encryption keys securely
in thread OT: Storing encryption keys securely

Adding a second node adds complexity. You will need to store the credentials for that one too.. plus storing the key in clear text in the database is just a more complex way than storing it in a file. Asking the key on startup sounds OK but when updating the key (during password recovery), all existing passwords now become invalid as they cannot be re-encrypted. Thanks for the ideas.

... I'm belgian but I don't play one on TV.