Securing Basic Auth Password

Hey, I’m using n8n via pm2 with basic auth. Right now I have the login credentials saved in clear text in my environmental variables. Is there any way I can encrypt them?

Hi @Felix, you mean you’re setting N8N_BASIC_AUTH_USER and N8N_BASIC_AUTH_PASSWORD in clear text? As per Environment Variables | Docs, you could use a hashed password when setting N8N_BASIC_AUTH_HASH to true.

The hashed password would be compared using bcrypt.

Okay, thank you!

You can use the hashed version of the password instead if you set the environment variable N8N_BASIC_AUTH_HASH to true.

An example for Docker (works exactly the same in pm2). Normally you start it as below to have the user “test” and the password “asdf”:

docker run -it --rm \
	--name n8n \
	-p 5678:5678 \
	-e N8N_BASIC_AUTH_ACTIVE=true \
	-e N8N_BASIC_AUTH_USER=test \
	-e N8N_BASIC_AUTH_PASSWORD=asdf \
	-v ~/.n8n:/home/node/.n8n \
	n8nio/n8n

To use the hashed password you would set the above-mentioned environment variable, encrypt the password via bcrypt (can be done via code or on a website like Bcrypt Encrypt - Bcrypt Hash Generator - Online - Browserling Web Developer Tools), and then use the hashed version of the password instead:

docker run -it --rm \
	--name n8n \
	-p 5678:5678 \
	-e N8N_BASIC_AUTH_HASH=true \
	-e N8N_BASIC_AUTH_ACTIVE=true \
	-e N8N_BASIC_AUTH_USER=test \
	-e N8N_BASIC_AUTH_PASSWORD='$2a$10$Gt4oJtk1hcjGZLRYYWKf2elTaUreIM7NgbgQQkaLVila20mX5fTFa' \
	-v ~/.n8n:/home/node/.n8n \
	n8nio/n8n

Both are identical and would give access via the same user <> password combination.
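A preflight check for the variables used in the commands above, as an added example that is not part of the original thread or of n8n's own code. The function names are hypothetical, and it assumes n8n compares the value as plain text unless N8N_BASIC_AUTH_HASH is true.

```shell
#!/bin/sh
# Added example: checks that the n8n basic-auth variables agree with each other.
# Assumption: with N8N_BASIC_AUTH_HASH unset, the value is compared as plain text.

# Succeeds when $1 has the shape of a bcrypt hash:
# $2a$/$2b$/$2x$/$2y$, a two-digit cost, then 53 characters of salt and digest.
is_bcrypt_hash() {
    printf '%s\n' "$1" | grep -Eq '^\$2[abxy]\$[0-9]{2}\$[./A-Za-z0-9]{53}$'
}

# Prints a one-line verdict; returns 0 (consistent) or 1 (misconfigured).
check_n8n_basic_auth() {
    if [ "${N8N_BASIC_AUTH_ACTIVE:-}" != "true" ]; then
        echo "basic auth not active"; return 0
    fi
    if [ -z "${N8N_BASIC_AUTH_USER:-}" ] || [ -z "${N8N_BASIC_AUTH_PASSWORD:-}" ]; then
        echo "FAIL: user or password is empty"; return 1
    fi
    if [ "${N8N_BASIC_AUTH_HASH:-}" = "true" ]; then
        if is_bcrypt_hash "$N8N_BASIC_AUTH_PASSWORD"; then
            echo "ok: hashed password"; return 0
        fi
        echo "FAIL: HASH=true but the value is not an intact bcrypt hash"
        return 1
    fi
    if is_bcrypt_hash "$N8N_BASIC_AUTH_PASSWORD"; then
        echo "FAIL: value is a bcrypt hash but N8N_BASIC_AUTH_HASH is not true"
        return 1
    fi
    echo "warn: plain-text password in the environment"; return 0
}

# Why the command above single-quotes the hash: inside double quotes the shell
# expands $2, $1 and $Gt4o... as (empty) parameters, so only "a0" survives.
double_quoted_result() {
    sh -c 'printf %s "$2a$10$Gt4oJtk1hcjGZLRYYWKf2elTaUreIM7NgbgQQkaLVila20mX5fTFa"'
}
```

Source the file in the shell that holds the variables and call `check_n8n_basic_auth` before starting n8n; a non-zero return means the login would not behave as intended.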

That worked like a charm, thank you!