https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33934 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |m.de.rooy@rijksmuseum.nl --- Comment #15 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- For purists, taken from Crypt::CBC -pass,-key The encryption/decryption passphrase. These arguments are interchangeable, but -pass is preferred ("key" is a misnomer, as it is not the literal encryption key). So our "encryption key" is a misnnomer too :) It is a passphrase used to generate the real encryption key. We say now: We recommend one of at least 32 bytes. It should be formally at least 16 bytes (AES blocksize) in order to be safe. So 32 is fine. Shouid we enforce a minimum length in Koha::Encryption? -- You are receiving this mail because: You are watching all bug changes.