A question or two about encrypted metadata, which I couldn’t find the answers to, neither in the docs, nor on the forum, nor issues filed over on Github. At the moment we’re running Pro v5.3.2 but haven’t activated the encrypted metadata feature yet. The question is: once encrypted will metadata still be searchable? At the moment we often rely on searching information only present in the URL, or a certain user name for which we do not know the exact description.
Based on the answer a couple more questions arise:
If not searchable anymore, will we be able to stay on unencrypted metadata indefinitely?
If we stay on unencrypted metadata, will we be able to use the new features that seem to rely on encrypted metadata such as multiple URL fields, custom fields etc.?
The data stored in encrypted metadata is currently searchable on the password workspace and quickaccess of the browser extension, as well as on mobile. It’s not searchable however on the database side (as that’s the goal of the feature, to improve security on that front).
No, new features will not be backported to old resources types (it’s intentional, it’s to give an incentive for people to migrate to a more secure solution).
I hope that helps, feel free to ask follow up questions if that’s not clear.
The data stored in encrypted metadata is currently searchable on the password workspace and quickaccess of the browser extension, as well as on mobile. It’s not searchable however on the database side (as that’s the goal of the feature, to improve security on that front).
Using the various UIs for search is what I meant, yes. Obviously the whole point of the feature is that DB admins cannot just SELECT * So that should work fine for our purposes. I’ll guess I’ll start the evaluation soon, then (with proper backups, for sure).
I’d recommend just creating the key, enabling encrypted metadata, and keeping the default as legacy, this way you can test without much changes to your current setup
So that should work fine for our purposes. I’ll guess I’ll start the evaluation soon, then (with proper backups, for sure).