I am experimenting with the email function to send invoices. I connected it to my Google Workspace account. Fibery uses the (not-so-secure) app passwords for this.
Where and how does Fibery store this password?
This is important for me to know, because I the password gives access to my complete Google workspace and there is no way for me to limit this, which makes it a big vulnerability.
We are storing passwords in our database encrypted with a secret key.
so how could we set that secret key for databases or entities level ?
@Minh_Tri_Do_Hang this is about the Google workspace integration for email. If you want Fibery to send emails using your Google workspace, you have to connect an email account. From @Polina_Zenevich 's answer, I understand that Fibery stores my email password encrypted in a database and that they use a private key for encryption that is only available to Fibery.
well, that’s actually app password to set integrate with emails
Other hand, i wanna to ask, do we have any way to private 1 database or 1 entity storage some of my passwords
Ah. I don’t know. Best to put this question in a new topic.
If you have a question on another issue I suggest starting a new topic