https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28998 --- Comment #7 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- This is what we do with the API secret using Crypt::Eksblowfish::Bcrypt : $self->set( { secret => Koha::AuthUtils::hash_password( $self->{_plain_text_secret} ), client_id => $self->_generate_unused_uuid('client_id'), } Just reading a bit, it seems that AES is preferred over Blowfish. But this is theoretical and about larger texts to encrypt. Since we are only crypting a short secret here, I wonder if we should not stick to Blowfish here and use what we already have instead of yet another module? -- You are receiving this mail because: You are watching all bug changes.