Encrypt sensitive database fields

Encrypt database field

Password fields are not the only ones you need to encrypt in your database.

Built-in feature in Laravel

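use Illuminate\Database\Eloquent\Model;

class User extends Model {
  // Encrypt on write and decrypt on read, using the application's APP_KEY
  protected $casts = [
    'passport_number' => 'encrypted'
  ];
  // Allow mass assignment of the field
  protected $fillable = [
    'passport_number'
  ];
  // Keep the decrypted value out of array/JSON serialization
  protected $hidden = [
    'passport_number'
  ];
}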

And that's it: your database will no longer show passport numbers in clear text.

Wrap up

Gotchas:

  • Once set, you will need the APP_KEY to decrypt any stored value, so do not lose track of the APP_KEY, no matter what.
  • The field is not easy to query or sort.
  • It would be irrelevant if your APP_KEY leaks.

NB: This is another layer of security, but you should have others in place. Therefore, don't rely on this. Encrypt only what is absolutely necessary.
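
The first two gotchas can be reproduced in plain PHP. This is an added example, not code from the article or from Laravel: `encryptField` and `decryptField` are hypothetical helpers, and the scheme (AES-256-CBC with a fresh random IV and an HMAC, keyed by a constructed stand-in for APP_KEY) is an assumption modelled on the general shape of an encrypted cast.

```php
<?php
// Stand-in for an encrypted cast, built on PHP's openssl extension.
// Assumption: AES-256-CBC, random IV per value, HMAC-SHA256 over iv + ciphertext.
// Not Laravel's own code; helper names and the payload layout are hypothetical.
function encryptField(string $plain, string $key): string
{
    $iv = random_bytes(16); // new IV on every call, so the output is never stable
    $ct = openssl_encrypt($plain, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    $mac = hash_hmac('sha256', $iv . $ct, $key, true);
    return base64_encode($iv . $mac . $ct);
}

function decryptField(string $stored, string $key): string
{
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < 64) { // 16 IV + 32 MAC + at least one block
        throw new RuntimeException('malformed payload');
    }
    $iv  = substr($raw, 0, 16);
    $mac = substr($raw, 16, 32);
    $ct  = substr($raw, 48);
    // Constant-time MAC check: a lost, rotated or wrong key is rejected here.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $key, true), $mac)) {
        throw new RuntimeException('MAC invalid: wrong key or modified value');
    }
    $plain = openssl_decrypt($ct, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        throw new RuntimeException('decryption failed');
    }
    return $plain;
}

$appKey   = random_bytes(32); // constructed stand-in for APP_KEY
$passport = 'X1234567';       // constructed sample value
$rowA = encryptField($passport, $appKey);
$rowB = encryptField($passport, $appKey);

// Two rows holding the same passport number do not hold the same ciphertext.
echo 'identical ciphertexts: ', var_export($rowA === $rowB, true), PHP_EOL;
echo 'round trip ok: ', var_export(decryptField($rowA, $appKey) === $passport, true), PHP_EOL;
try {
    decryptField($rowA, random_bytes(32)); // simulate a lost or replaced key
} catch (RuntimeException $e) {
    echo 'other key: ', $e->getMessage(), PHP_EOL;
}
```

Because the stored value changes on every write, an equality `WHERE` clause or an `ORDER BY` on the encrypted column compares ciphertext, not passport numbers.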