This project is not covered by Drupal’s security advisory policy.
Adds AES-256 client-side encryption to authentication forms (login, registration, user edit) with automatic server-side decryption. Uses per-form session keys for enhanced security and includes detailed logging for security auditing.
Features
- Zero configuration - works out of the box
- Encrypts passwords and usernames before transmission
- Per-form, per-session encryption keys with server validation
- Security event logging (key mismatches, decryption failures)
- Supports CDN or local CryptoJS installation
- Compatible with standard Drupal forms
Requirements
- PHP OpenSSL extension
- CryptoJS library (auto-loaded from CDN or place in
/libraries/crypto-js)
Installation
- Install module as usual
- Module automatically attaches to login, registration, and user edit forms
- Optional: Place CryptoJS in
/libraries/crypto-jsto avoid CDN dependency
Project information
Maintenance fixes only
Considered feature-complete by its maintainers.- Project categories: Access control, Security
2 sites report using this module- Created by mesharideb on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
Releases
1.0.0-beta2
released 25 September 2025
Works with Drupal: ^10 || ^11
minor cleanup and bugfixes.
Install:
