Key Rotation
Key rotation is the process of replacing the active encryption key of a field with a new automatically generated key, while simultaneously re-encrypting all existing values of the field with the new key.
Rotating keys periodically is a recommended security practice: it limits the potential impact if a key is compromised, as it reduces the period during which that key could be used to access data.
How to rotate a field's key
- Navigate to the Secure Fortress Dashboard.
- In the side menu, select the Keys section.
- Locate the field whose key you want to rotate.
- Click the Rotate key button for that field.
- Confirm the action in the dialog box that appears.
Upon confirmation, the add-on automatically generates a new key and re-encrypts all field values in the background.
The Rotate key button is automatically disabled while a rotation is already in progress for that field. Once the previous process is complete, the button will become available again.
Monitoring progress
You can track the progress of the rotation in real time from the same Keys section of the administration panel.
Throughout the entire process, authorized users can continue accessing field values normally: the add-on manages the transition transparently, without interruptions for the team.
Rotation result
Once the process is complete:
- No errors: the previous key is automatically deleted and only the new key remains active.
- Errors occurred: the previous key is preserved to ensure no data becomes inaccessible. You can attempt the rotation again once the issue has been resolved.
When complete, the add-on records a summary of the operation in the audit log.