Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. What's Password Criteria For Encryption Password On Backup Feature?

What's Password Criteria For Encryption Password On Backup Feature?

Scheduled Pinned Locked Moved Solved Support
passwordencryption
5 Posts 4 Posters 94 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • I Offline
    I Offline
    IniBudi
    wrote last edited by joseph
    #1

    Hi, I would like to know about the password criteria for encryption passwords on the Cloudron backup feature.

    Is it okay to use complex passwords like a combination of numbers, symbols, and Alphabet? Is it okay to use characters that are more than 30-100?

    Thank you
    Regards

    1 Reply Last reply
    0
    • nebulonN Offline
      nebulonN Offline
      nebulon Staff
      wrote last edited by
      #2

      Currently the only checked restriction is, that it must be > eight characters https://git.cloudron.io/platform/box/-/blob/master/src/backups.js?ref_type=heads#L352

      The password is then used to derive encryptions keys at https://git.cloudron.io/platform/box/-/blob/master/src/backups.js?ref_type=heads#L104

      This means the caveats outlined by nodejs docs will apply also to Cloudron https://nodejs.org/api/crypto.html#using-strings-as-inputs-to-cryptographic-apis

      1 Reply Last reply
      1
      • J joseph marked this topic as a question
      • J joseph has marked this topic as solved
      • I Offline
        I Offline
        IniBudi
        wrote last edited by
        #3

        Thank you for the clarification. So, I can use complex password for the encryption password.

        andreasduerenA 1 Reply Last reply
        0
        • girishG Offline
          girishG Offline
          girish Staff
          wrote last edited by
          #4

          Yes, ultimately we use https://nodejs.org/api/crypto.html#cryptoscryptsyncpassword-salt-keylen-options to derive a key from the password . It has no length restrictions (per the docs).

          1 Reply Last reply
          1
          • andreasduerenA Offline
            andreasduerenA Offline
            andreasdueren
            replied to IniBudi last edited by
            #5

            @IniBudi I'm using a * checks password manager * 128 character Passwort. I think yours will work too.

            1 Reply Last reply
            0

            • Login
            • Don't have an account? Register
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search