backend encryption / security

Herbert Thoma herbert.thoma at
Wed May 7 03:57:19 EDT 2014

We have a FAQ on this issue:

Am 07.05.2014 00:40, schrieb Michalis Kamprianis:
> Hi,
> I can see in uservoice, and I think frequently asked in lists, the request for encryption or password protection of the datafile.
> Regarding database backends, I believe that database encryption should be used if required, (although I understand that dbi may not be up to the task).
> Nevertheless, for xml backend, I think that I could try to implement an AES based encryption (on saving) and decryption (on opening), based on code from aescrypt.
> Aescrypt is available for unix, windows, mac, so the implementation should probably be portable across platforms. The code is some gpl and some freeware.
> Of course such a solution only protects data at rest (i.e. when data is read in memory it is not protected. Log files are not protected. User configuration files are not protected - at least initially, and so on) so it's not transforming gnucash to the most secure accounting software out there, but solves the problem with datafile misplacement or unwanted access.
> The thing is, (a) I don't know if you're interested and / or agree in implementing something like that, and (b) although I will probably manage to code the open and save routines, I'm not sure I will not get stuck somewhere, in which case it will either remain as an unfinished project, or I will need some help from somebody more experienced.
> Your thoughts?
> Regards
> Michalis
> _______________________________________________
> gnucash-devel mailing list
> gnucash-devel at

Herbert Thoma
Dipl.-Ing., MBA
Head of Video Group
Multimedia Applications Department
Fraunhofer IIS
Am Wolfsmantel 33, 91058 Erlangen, Germany
Phone: +49-9131-776-6130
Fax:   +49-9131-776-6099
email: herbert.thoma at

More information about the gnucash-devel mailing list