This module uses the jCryption plugin (http://www.jcryption.org version 1.2 only) to encrypt any form submission in Drupal using 265-bit public/private key encryption. For example, you can use it to encrypt the login and registration form, so a user's passwords are never transmitted in clear text. This is similar to how SSL works to encrypt traffic.
It should be noted that this module is not a replacement for SSL, which can protect against other types of attacks. This module is intended for those who desire some minimal security from hackers, but either cannot afford an SSL certificate, or only need basic protection of form data. For full protection, you should purchase an SSL certificate.
- Works on any Drupal forms-- login, search, content types, settings, and forms from other contributed modules.
- 256-bit public/private key encryption.
- The keys are generated freshly per-submission, reducing the chances of cycling attacks.
- Administrators may specify that the module only encrypt certain form submissions, leaving other form submissions in the clear.
- Can be used to encrypt passwords during login, similar to the Safer Login module for Drupal 6 (http://drupal.org/project/safer_login)
- Supports Libraries API (http://drupal.org/project/libraries) to make upgrading easier.
About Drupal 6...
This module requires you to download the jCryption libraries, located here: http://www.jcryption.org
Please download version 1.2-- later versions are not currently supported.
Download here: https://github.com/HazAT/jCryption/tags
jCryption requires the PHP module "bcmath". This is probably already installed on your server, but if it is not, you will need to enable it. On Fedora, the command is: yum install php-bcmath.
Please note: These libraries were NOT programmed by this module's maintainer. It was mostly programmed by Daniel Griesser, and comprises several other libraries by different authors. Please visit http://www.jcryption.org/about for a full list of credits.
This module only works on forms which use POST as their method type. This is most of the forms in Drupal, but possibly there are some contributed modules out there which use GET.
- Unpack the module files into /sites/all/modules/encrypt_submissions.
- Download the jCryption libraries and unpack them into:
so that the jcryption.php file is located at:
- If using Libraries API, unpack jcryption files at sites/all/libraries/jcryption/ (notice "jcryption" directory is all lowercase.
- Enable the module, and be sure to enable the "access" permission for your users, or else no one will be able to use it. If you are protecting the login and registration forms, be sure to give the "access" permission to anonymous users!
- Visit the configuration page to specify which forms you want it to work on.