Kexi/Security/Add password protecting to Kexi database files

From KDE Community Wiki
< Kexi‎ | Security
Revision as of 12:58, 10 December 2014 by Jstaniek (talk | contribs) (→‎Notes)

Status: assigned to W. Kosowicz <[email protected]>, Target: 2.9, Wish #300625

Mentored by Jstaniek (talk) 13:22, 4 October 2014 (UTC)

Goal

Ability to encrypt .kexi database files (SQLite-based) with a password.

Scenario

  • User shares the .kexi files (e.g. via email) but want reasonable security.
  • He prefers to use passwords instead of public/private keys.

The choise of encryption solution for SQLite

Requirements

  • R1. Password is used for a single session with Kexi, when database is closed the password is no longer in memory.
  • R2. When database is closed, it's stays in an encrypted form.
  • R3. .kexi files are not encrypted by default.
  • R3.1. User can set password after successfull openining of .kexi file (encrypted or not encrypted).
  • R3.2. Setting password to empty, effectively removes encryption.
  • R4. The Kexi app should be able to detect that the .kexi file requires password on opening.

Notes