Skip to content

I suggest you ...

← Feature Request

Allow the database to be secured by way of a password

Corresponding bugzilla item: https://bugzilla.gnome.org/show_bug.cgi?id=700803

The aim is not absolute security but would prevent casual access to the information held. (Windows ACLs go some way towards this but any administrator could view the information.)
If this would be better done by securing the files outside the application, could someone tell me how?

179 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
David Denholm shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • PRG commented  ·   ·  Report

    I really do hope for this to be implemented... Don't those database engines support encryption natively already?

  • Willynux commented  ·   ·  Report

    I'm surprised this is not the first feature implemented in a software that handles sensitive data.

  • John Antolak commented  ·   ·  Report

    Easy - Create a Trucecrypt volume when Mounting use your own Password
    Save your ???????.gnucash account in the now mounted drive
    Hey Presto!!!! whenever you dismount the drive the data is seamlesly encrypted

  • Nila Akash commented  ·   ·  Report

    See feature request "Prevent accidental changes by locking a fiscal period". If any type of password is implemented, perhaps there could be different levels or types of password protection:

    1) Prevent all access
    2) Print cheques
    3) Modify data in a previous period, etc.

  • Mitch commented  ·   ·  Report

    I would like to add what i hope is not "unhelpful".
    I think what most would like to see is "application access" security. not data security. so allowing sql to provide security (user/pass) used by GnuCash to access/login to SQL would provide what most people need... also this would be part of foundation for multi user and internal ACL who can print checks delete transactions...
    example you might have a part time person that you want to enter data but you don't want them printing checks or trying to import bank data...

    just to be clear this would not "ENCRYPT" any data or provide any read data security... just a basic level and access controls...

  • Admincstim (Core Developer, GnuCash) commented  ·   ·  Report

    [Somebody gave the following description of the use case:] In the real world, mom, pop and the kids all use the same account on the same computer. Might not be very security conscious, but that's the way it is. A simple password feature might not defeat 1337 hackers, but it would be more than enough to discourage casual snooping by curious fellow users.

  • GnuFan commented  ·   ·  Report

    cstim, I have read the FAQ, but am still struck by the need to implement password protection. The arguments put forth in the wiki ignore the business realities of those who use Gnucash. Users do not necessarily have the access / ability to implement a separate security layer.

    This feature alone would do more to drive adoption of Gnucash than any other listed here. I am tired of meeting people who refuse to use this solely on this objection.

Feature Request

Categories

Feedback and Knowledge Base

(thinking…)