Drupal is a registered trademark of Dries Buytaert
cms 2.1.3 Update released for Drupal core (2.1.3)! drupal 10.5.11 Update released for Drupal core (10.5.11)! drupal 11.3.11 Update released for Drupal core (11.3.11)! drupal 11.2.13 Update released for Drupal core (11.2.13)! drupal 10.6.10 Update released for Drupal core (10.6.10)! cms 2.1.2 Update released for Drupal core (2.1.2)! drupal 11.1.10 Update released for Drupal core (11.1.10)! drupal 10.5.10 Update released for Drupal core (10.5.10)! drupal 10.4.10 Update released for Drupal core (10.4.10)! drupal 11.2.12 Update released for Drupal core (11.2.12)! drupal 11.3.10 Update released for Drupal core (11.3.10)! drupal 10.6.9 Update released for Drupal core (10.6.9)! drupal 10.6.8 Update released for Drupal core (10.6.8)! drupal 11.3.9 Update released for Drupal core (11.3.9)! drupal 11.3.8 Update released for Drupal core (11.3.8)! drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)!
← All modules

key_per_user

1 sites No security coverage
View on drupal.org

This EXPERIMENTAL module provides a way to use an encryption key per user.

In combination with the Field Encryption module, this enables you to encrypt each user's fields with a different
key.

This is a developer-only module. You will need to write custom code for it to work.

Submit bug reports and feature suggestions, or track changes in the href="https://www.drupal.org/project/issues/key_per_user">issue queue.

Table of contents

  • Features
  • Requirements
  • Installation
  • Configuration
  • Maintainers

Features

  • Encrypt fields with a different encryption key for each user.

Requirements

This module requires the following modules:

  • Field Encryption (to encrypt fields per user)
  • Sodium (the encryption method used by this module)
  • Encrypt (dependency of Field Encryption)
  • Key (dependency of Encrypt)

Installation

Install as you would normally install a contributed Drupal module. For further information, see href="https://www.drupal.org/docs/extending-drupal/installing-modules">Installing Drupal Modules.

This module requires you to use the install config (encrypt profile key_per_user and key
per_user).

If you delete this config, the module will break.

Configuration

In custom code, you need to extend the UserBundle to implement KeyPerUserInterface.

You need to implement two methods:

  • getEncryptedPerUserBundles() This method returns a list of the entity types which have fields that
    should be encrypted per user.
  • getEncryptionKey() This method returns the encryption key as a string. It should be a value that the
    Sodium module can work with.

How do I set up the encryption key per user?

Here's one approach:

  1. On the user entity, add a text field.
  2. Encrypt this field with the Field Encrypt module.
  3. Restrict permissions so that users cannot view or edit this field.
  4. In your UserBundle, add a function to set the value of the field to the per-user encryption key. For example, you
    can call KeyPerUserGenerator::generateEncryptionKey().
  5. Specify the bundles to encrypt per user in your UserBundle (output of
    getEncryptedPerUserBundles()).

Maintainers

Activity

Total releases
1
First release
Jul 2025
Latest release
10 months ago
Release cadence
Stability
0% stable

Releases

Version Type Release date
1.0.0-alpha2 Pre-release Jul 24, 2025