This project is not covered by Drupal’s security advisory policy.
This EXPERIMENTAL module provides a way to use an encryption key per user.
In combination with the Field Encryption module, this enables you to encrypt each user's fields with a different
key.
This is a developer-only module. You will need to write custom code for it to work.
Submit bug reports and feature suggestions, or track changes in the href="https://www.drupal.org/project/issues/key_per_user">issue queue.
Table of contents
- Features
- Requirements
- Installation
- Configuration
- Maintainers
Features
- Encrypt fields with a different encryption key for each user.
Requirements
This module requires the following modules:
- Field Encryption (to encrypt fields per user)
- Sodium (the encryption method used by this module)
- Encrypt (dependency of Field Encryption)
- Key (dependency of Encrypt)
Installation
Install as you would normally install a contributed Drupal module. For further information, see href="https://www.drupal.org/docs/extending-drupal/installing-modules">Installing Drupal Modules.
This module requires you to use the install config (encrypt profile key_per_user and key
per_user).
If you delete this config, the module will break.
Configuration
In custom code, you need to extend the UserBundle to implement KeyPerUserInterface.
You need to implement two methods:
getEncryptedPerUserBundles()This method returns a list of the entity types which have fields that
should be encrypted per user.getEncryptionKey()This method returns the encryption key as a string. It should be a value that the
Sodium module can work with.
How do I set up the encryption key per user?
Here's one approach:
- On the user entity, add a text field.
- Encrypt this field with the Field Encrypt module.
- Restrict permissions so that users cannot view or edit this field.
- In your UserBundle, add a function to set the value of the field to the per-user encryption key. For example, you
can callKeyPerUserGenerator::generateEncryptionKey(). - Specify the bundles to encrypt per user in your UserBundle (output of
getEncryptedPerUserBundles()).
Maintainers
- Patrick Kenny - ptmkenny
Project information
- Project categories: Security
- Ecosystem: Key
3 sites report using this module- Created by ptmkenny on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
Releases
1.0.0-alpha2
released 24 July 2025
Works with Drupal: ^11.1
OOP hooks and Field Encrypt 4.x support
Install:
Development version: 1.0.x-dev updated 21 May 2026 at 05:49 UTC
