I have a user model using authlogic and a model storing some confidential data for each user. To secure the system, I would like to de/encrypt the attributes of the latter model using attr_encrypted. I want to have a system that is secure, if somebody manages to steal the entire database and application source code.

My question is: What is the best way to generate the password for attr_encrypted? And how do I keep it in "memory" during the login session, so that I can de/encrypt when it is necessary?

I thought of the following:

  • Generate a random password when a user registers, encrypt it with the users password and save it in the database.

  • Whenever the user logs in, use his password to decrypt the random password.

  • Save the random password in a cookie, so that personal data can be de/encrypted whenever necessary.

Do you have any suggestions or better ideas? In particular I am unsure about the last bullet point...

Funsi
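The first two bullets of the scheme above (a random per-user data key, wrapped under a key derived from the login password and unwrapped at login), as an added example that is not part of the question and not code from attr_encrypted or authlogic. It assumes Ruby's standard `openssl` library, PBKDF2-HMAC-SHA256 for the password-derived key and AES-256-GCM for the wrapping, so a wrong password or a tampered record is detected rather than silently yielding garbage; the unwrapped key is returned to the caller to hold in server-side session state, not written to a cookie.

```ruby
require "openssl"
require "securerandom"

# Added example: per-user data key wrapped with a password-derived key.
# Names (UserKeyWrap, register, unwrap) are hypothetical, not an attr_encrypted API.
module UserKeyWrap
  PBKDF2_ITERATIONS = 310_000
  KEY_LEN = 32 # 32 bytes = AES-256

  # Derive a key-encryption key (KEK) from the login password and a per-user salt.
  def self.derive_kek(password, salt)
    OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: PBKDF2_ITERATIONS,
                             length: KEY_LEN, hash: "sha256")
  end

  # At registration: create a random data key and encrypt it under the KEK.
  # Returns [data_key, record]; the record (salt, iv, wrapped key, tag) is what
  # gets persisted next to the user row, the data key itself never is.
  def self.register(password)
    data_key = SecureRandom.random_bytes(KEY_LEN)
    salt = SecureRandom.random_bytes(16)
    cipher = OpenSSL::Cipher.new("aes-256-gcm")
    cipher.encrypt
    cipher.key = derive_kek(password, salt)
    iv = cipher.random_iv
    wrapped = cipher.update(data_key) + cipher.final
    record = { salt: salt, iv: iv, wrapped_key: wrapped, tag: cipher.auth_tag }
    [data_key, record]
  end

  # At login: recover the data key from the stored record. GCM checks the tag,
  # so a wrong password or a modified record raises OpenSSL::Cipher::CipherError.
  def self.unwrap(password, record)
    cipher = OpenSSL::Cipher.new("aes-256-gcm")
    cipher.decrypt
    cipher.key = derive_kek(password, record[:salt])
    cipher.iv = record[:iv]
    cipher.auth_tag = record[:tag]
    cipher.update(record[:wrapped_key]) + cipher.final
  end
end
```

The unwrapped key is the value attr_encrypted would be handed as its key while the session is alive; the stored record alone, together with the source code, does not yield it without the user's password.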


If you're using authlogic, it manages the password stuff, sessions, etc., and you don't need to worry about the password decryption. It's automatic.

jefflunt