FAQ-000722 - Data Storage and Encryption Security / Secure Storage Best Practices

Current Status: VALID_RESPONSE

Current FAQ

Question
What are the best practices for temporarily storing passwords, tokens, and credentials in managed packages?
Answer
Here are the best practices for temporarily storing passwords, tokens, and credentials in managed packages:

1. **Protected Custom Settings/Metadata**: Use these to store sensitive data securely, ensuring unauthorized users or processes cannot access it.
2. **Encryption with Custom Objects**: If using custom objects, encrypt sensitive data and store the encryption key in protected custom settings or hidden custom metadata API fields. Configure permissions properly for encrypted fields.
3. **Avoid Public Storage**: Do not store sensitive data in public custom settings, metadata, or unencrypted custom objects.
4. **Named Credentials**: Use named credentials for authentication data like passwords or API tokens. Note that administrators can view these credentials, so use them for locally generated or per-org secrets.
5. **No Hard-Coding**: Avoid hard-coding sensitive data into the application. Use secure storage mechanisms and ensure sensitive data is not logged or debugged.
6. **Encryption Standards**: Implement AES-128 or higher for server-side storage of sensitive data, using vendor-provided encryption libraries.
7. **Client Applications**: Use OS vendor-supplied keychains or keystores for secure storage. Avoid storing secrets directly in the application or using insecure methods.
8. **Secure Coding Practices**: Follow secure coding practices, such as avoiding dynamic SOQL queries that could expose sensitive information.

By following these practices, you can enhance the security of your managed package and protect sensitive data effectively.
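An added Apex example (not part of the original FAQ) for points 2, 4 and 6: a token is encrypted with the platform `Crypto` class before it is written to a custom object, the AES key lives in a protected custom setting, and the outbound call uses a named credential instead of a literal secret. The setting `Pkg_Secret__c` (field `Key_B64__c`), the object `Integration_Token__c` (field `Cipher_B64__c`), the named credential `Example_Api` and the class name are all hypothetical.

```apex
// Added example; every object, field, credential and class name here is hypothetical.
// Assumes Pkg_Secret__c is a *protected* hierarchy custom setting shipped in the managed package.
public with sharing class TokenVault {

    // Return the per-org AES-256 key, generating it on first use so no key is hard-coded.
    private static Blob getKey() {
        Pkg_Secret__c s = Pkg_Secret__c.getOrgDefaults();
        if (String.isBlank(s.Key_B64__c)) {
            if (s.Id == null) {
                s.SetupOwnerId = UserInfo.getOrganizationId();
            }
            s.Key_B64__c = EncodingUtil.base64Encode(Crypto.generateAesKey(256));
            upsert s;
        }
        return EncodingUtil.base64Decode(s.Key_B64__c);
    }

    // Encrypt the token and store only ciphertext in the custom object.
    // encryptWithManagedIV generates a random IV and prepends it to the output.
    public static Id store(String label, String token) {
        Blob cipher = Crypto.encryptWithManagedIV('AES256', getKey(), Blob.valueOf(token));
        Integration_Token__c rec = new Integration_Token__c(
            Name = label,
            Cipher_B64__c = EncodingUtil.base64Encode(cipher)
        );
        insert rec;
        return rec.Id;
    }

    // Decrypt for immediate use; the result must not be logged or passed to System.debug.
    public static String load(Id recId) {
        Integration_Token__c rec =
            [SELECT Cipher_B64__c FROM Integration_Token__c WHERE Id = :recId LIMIT 1];
        Blob plain = Crypto.decryptWithManagedIV(
            'AES256', getKey(), EncodingUtil.base64Decode(rec.Cipher_B64__c));
        return plain.toString();
    }

    // Callout through a named credential: the platform injects the stored
    // authentication, so no password or token appears in Apex source.
    public static HttpResponse callApi() {
        HttpRequest req = new HttpRequest();
        req.setEndpoint('callout:Example_Api/v1/status');
        req.setMethod('GET');
        return new Http().send(req);
    }
}
```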

AI Recommended Enhancement

Related Security Rules

ApexBadCrypto, ApexSuggestUsingNamedCred, AvoidHardcodedCredentialsInFieldDecls, AvoidHardcodedCredentialsInHttpHeader, AvoidHardcodedCredentialsInVarAssign, AvoidHardcodedCredentialsInVarDecls, ProtectSensitiveData
Question
What are the best practices for temporarily storing passwords, tokens, and credentials in managed packages?
Recommended Answer Update
Here are the best practices for temporarily storing passwords, tokens, and credentials in managed packages:

1. **Protected Custom Settings/Metadata**: Use these to store sensitive data securely, ensuring unauthorized users or processes cannot access it.
2. **Encryption with Custom Objects**: If using custom objects, encrypt sensitive data and store the encryption key in protected custom settings or hidden custom metadata API fields. Configure permissions properly for encrypted fields.
3. **Avoid Public Storage**: Don't store sensitive data in public custom settings, metadata, or unencrypted custom objects.
4. **Named Credentials**: Use named credentials for authentication data like passwords or API tokens. Note that administrators can view these credentials, so use them for locally generated or per-org secrets.
5. **No Hard-Coding**: Never hard-code sensitive data into your application. Use secure storage mechanisms and ensure sensitive data isn't logged or debugged.
6. **Encryption Standards**: Use AES-128 or higher for server-side storage of sensitive data, leveraging vendor-provided encryption libraries.
7. **Client Applications**: Use OS vendor-supplied keychains or keystores for secure storage. Don't store secrets directly in the application or use insecure methods.
8. **Secure Coding Practices**: Follow secure coding practices, such as avoiding dynamic SOQL queries that could expose sensitive information.

By following these practices, you'll enhance the security of your managed package and protect sensitive data effectively.
Reasoning
The existing content is comprehensive and accurate. I made minor improvements to enhance clarity and conversational tone: (1) Changed 'Avoid hard-coding' to 'Never hard-code' for stronger emphasis, (2) Replaced 'Do not store' with 'Don't store' for conversational tone, (3) Changed 'Implement AES-128' to 'Use AES-128' for clearer action, (4) Replaced 'Avoid storing' with 'Don't store' for consistency, (5) Changed 'you can enhance' to 'you'll enhance' for more conversational feel. These changes maintain all original points while improving readability and tone.

Security rules selected: ApexBadCrypto relates to point 6 about encryption standards and using proper cryptographic implementations. ApexSuggestUsingNamedCred directly relates to point 4 about using named credentials for authentication data. AvoidHardcodedCredentialsInFieldDecls, AvoidHardcodedCredentialsInHttpHeader, AvoidHardcodedCredentialsInVarAssign, and AvoidHardcodedCredentialsInVarDecls all relate to point 5 about avoiding hard-coding sensitive data in various contexts. ProtectSensitiveData relates to the overall theme of the FAQ about protecting passwords, tokens, and credentials through proper storage mechanisms.
Reasoning References