guangzhiyao/bichon
1
0
Fork 0
mirror of https://github.com/rustmailer/bichon.git synced 2026-02-08 17:14:13 +01:00
Code Issues Projects Releases Packages Wiki Activity
Page: Securing Credentials: Encrypting Passwords and OAuth Tokens
Pages
Configuration Reference Custom Storage Configuration De‐duplication FAQ (Frequently Asked Questions) Home How to Select Folders to Sync Permissions and Multi‐User System Reset Admin Password (Offline Tool) Securing Credentials: Encrypting Passwords and OAuth Tokens Setting the Bichon Encryption Password Store External OAuth2 Token API Using Bichonctl For Email Import
1 Securing Credentials: Encrypting Passwords and OAuth Tokens
rustmailer edited this page 2025-11-23 00:39:06 +08:00
Table of Contents

bichon_encrypt_password / BICHON_ENCRYPT_PASSWORD

Default: "change-this-default-password-now" Type: String Purpose: Used by Bichon to encrypt sensitive information

🔐 Description

This configuration is used by Bichon to encrypt sensitive data, including:

  • Email account passwords
  • OAuth2 client_secret
  • OAuth2 access and refresh tokens
  • Bichon application login passwords

⚠️ Warning: You must change this password before first use, before any data exists. Once set, it cannot be changed. Modifying it later will make previously encrypted data unreadable, and you will need to rebuild Bichon from scratch, clearing all historical emails and metadata.

⚙️ How to Use

You can provide this password either via command-line argument or environment variable.

1. Command-Line

bichon --bichon-encrypt-password "your-strong-password"

2. Environment Variable

export BICHON_ENCRYPT_PASSWORD="your-strong-password"
bichon

Note: Command-line argument takes precedence over the environment variable.

💡 Tips for a Strong Password

  • At least 16 characters
  • Include letters, numbers, and symbols
  • Avoid dictionary words
  • Store securely in a password manager