Securing Basic Auth Password

Hey, I’m using n8n via pm2 with basic auth. Right now I have the login credentials saved in clear text in my environmental variables. Is there any way I can encrypt them?

Hi @Felix, you mean you’re setting N8N_BASIC_AUTH_USER and N8N_BASIC_AUTH_PASSWORD in clear text? As per Environment Variables | Docs, you could use a hashed password when setting N8N_BASIC_AUTH_HASH to true.

The hashed password would be compared using bcrypt.

1 Like

Okay, thank you!

You can use the hashed version of the password instead if you set the environment variable N8N_BASIC_AUTH_HASH to true.

An example for Docker (works exactly the same in pm2). Normally you start it as below to have the user “test” and the password “asdf”:

docker run -it --rm \
	--name n8n \
	-p 5678:5678 \
	-e N8N_BASIC_AUTH_ACTIVE=true \
	-e N8N_BASIC_AUTH_USER=test \
	-e N8N_BASIC_AUTH_PASSWORD=asdf \
	-v ~/.n8n:/home/node/.n8n \
	n8nio/n8n

To use the hashed password you would set the above-mentioned environment variable, encrypt the password via bcrypt (can be done via code or on a website like Bcrypt Encrypt - Bcrypt Hash Generator - Online - Browserling Web Developer Tools), and then use the hashed version of the password instead:

docker run -it --rm \
	--name n8n \
	-p 5678:5678 \
	-e N8N_BASIC_AUTH_HASH=true \
	-e N8N_BASIC_AUTH_ACTIVE=true \
	-e N8N_BASIC_AUTH_USER=test \
	-e N8N_BASIC_AUTH_PASSWORD='$2a$10$Gt4oJtk1hcjGZLRYYWKf2elTaUreIM7NgbgQQkaLVila20mX5fTFa' \
	-v ~/.n8n:/home/node/.n8n \
	n8nio/n8n

Both are identical and would give access via the same user <> password combination.

2 Likes
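
A preflight check for the variables in the post above, added here as an example and not part of the original thread or of n8n itself: it confirms that the value in N8N_BASIC_AUTH_PASSWORD really has the shape of a bcrypt hash when N8N_BASIC_AUTH_HASH is true, which catches a hash that lost its `$` parts to shell expansion. The function names, return codes and the `--check` argument are hypothetical, and it assumes the script runs in the same environment n8n is started from.

```sh
#!/bin/sh
# Added example (not from the thread): function names and return codes are hypothetical.

# Succeeds when $1 has the shape of a bcrypt hash: "$2a$", "$2b$" or "$2y$",
# a two-digit cost, then 53 characters of salt and digest.
is_bcrypt_hash() {
  printf '%s' "$1" | grep -Eq '^\$2[aby]\$[0-9]{2}\$[./A-Za-z0-9]{53}$'
}

# Checks the N8N_BASIC_AUTH_* variables in the current environment.
# Returns 0 = consistent, 1 = hash mode on but value is not a bcrypt hash,
# 2 = value is a bcrypt hash but hash mode is off, 3 = password in clear text.
n8n_auth_preflight() {
  [ "${N8N_BASIC_AUTH_ACTIVE:-}" = "true" ] || return 0
  pw=${N8N_BASIC_AUTH_PASSWORD:-}
  if [ "${N8N_BASIC_AUTH_HASH:-}" = "true" ]; then
    if is_bcrypt_hash "$pw"; then return 0; fi
    # Typical cause: the hash was double-quoted or unquoted in a shell, so
    # $2, $1 and $Gt4o... were expanded as variables. With no positional
    # parameters set, only "a0" is left of the hash shown above.
    echo "N8N_BASIC_AUTH_HASH=true but the password is not a bcrypt hash" >&2
    return 1
  fi
  if is_bcrypt_hash "$pw"; then
    echo "password is a bcrypt hash but N8N_BASIC_AUTH_HASH is not true" >&2
    return 2
  fi
  echo "N8N_BASIC_AUTH_PASSWORD is stored in clear text" >&2
  return 3
}

# Run as "sh preflight.sh --check" before starting n8n.
if [ "${1:-}" = "--check" ]; then
  n8n_auth_preflight
  exit $?
fi
```
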

That worked like a charm, thank you!

2 Likes