[wp-trac] [WordPress Trac] #64789: Security audit for API key storage on the Connectors screen
WordPress Trac
noreply at wordpress.org
Wed Mar 4 11:43:47 UTC 2026
#64789: Security audit for API key storage on the Connectors screen
--------------------------+---------------------
Reporter: gziolo | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 7.0
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+---------------------
Comment (by johnbillion):
There's currently no way to store a two-way encrypted value in WordPress
without tying it either to one of the built-in secret keys in
wp-config.php or tying it to a new secret. Tying it to a key in this file
risks data loss if it gets rotated or a user migrates/exports/copies their
data to another environment that uses different keys.

[https://felix-arntz.me/blog/storing-confidential-data-in-wordpress/ Felix
has written about how the Google Site Kit plugin encrypts API keys], but
it still relies on a secret key in wp-config.php.

There's nothing that can be done about this in time for 7.0. In the past
I've floated the idea of a two-way encryption API in WordPress which uses
no encryption by default but allows site owners and hosts to connect it to
an environment variable for local two-way encryption, a KMS, a secret
store, or any other opt-in means of encryption that reduces the
opportunity for data loss.

CC @kasparsd @snicco @rmccue @flixos90
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64789#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
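
The data-loss risk raised in the comment above, shown as an added example that is not from the ticket, WordPress core or Site Kit: a value sealed with a key derived from a site secret can no longer be opened once that secret changes. The function names and secret strings are constructed for illustration, and the code assumes PHP with the sodium extension.

```php
<?php
// Added illustration only. The secrets below are constructed sample values
// standing in for a secret key defined in wp-config.php.

/** Derive a 32-byte secretbox key from a site secret string. */
function example_derive_key(string $site_secret): string {
    return sodium_crypto_generichash($site_secret, '', SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
}

/** Encrypt a value; the stored form is base64(nonce || ciphertext+MAC). */
function example_encrypt(string $plaintext, string $site_secret): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = sodium_crypto_secretbox($plaintext, $nonce, example_derive_key($site_secret));
    return base64_encode($nonce . $box);
}

/** Decrypt a stored value; returns null if the key is wrong or the data is damaged. */
function example_decrypt(string $stored, string $site_secret): ?string {
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null;
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, example_derive_key($site_secret));
    return $plain === false ? null : $plain;
}

// Secret in place when the API key was saved (constructed value).
$original_secret = 'constructed-site-secret-A';
// Secret after a rotation, or on a migrated copy of the site (constructed value).
$rotated_secret  = 'constructed-site-secret-B';

$stored = example_encrypt('constructed-api-key-value', $original_secret);

// Same secret: the stored value opens and the API key is recovered.
var_dump(example_decrypt($stored, $original_secret));

// Different secret: authentication fails, so the function returns null and
// the API key cannot be recovered from the database row alone.
var_dump(example_decrypt($stored, $rotated_secret));
```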