Weak model-specific encryption key detected
- Rule ID: ruby_rails_weak_custom_key
- Languages: ruby
- Source: weak_custom_key.yml
Description
To ensure effective encryption, model-specific encryption keys should be 12 bytes or greater.
Remediations
❌ When using model-specific encryption keys, the minimum length you should use is 12 bytes
class User < ApplicationRecord
encrypts :email, key: "weak-key"
end
Resources
Associated CWE
OWASP Top 10
Configuration
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=ruby_rails_weak_custom_key
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=ruby_rails_weak_custom_key
Ready to take the next step? Learn more about Bearer Cloud.