Can we encrypt emails and names in the MODX user tables?

To meet privacy requirements, some customers either prefer or require that email addresses and names be encrypted. Is it possible to encrypt those fields in the database?

I don’t think MODx has a built-in mechanism to encrypt these fields.

Maybe you could use the event ‘OnUserProfileBeforeSave’ to encrypt these values, before they are stored. But then you had to somehow decrypt them every time they are used, and it would probably break some extras like Login.

The only thing I can think of would involve modifying the code of both the modUser and modUserProfile objects to override their get() and set() methods to encode and decode those values.

Changing core code is very sternly discouraged and your changes would be overwritten whenever you upgraded MODX.

In addition, with hashing, like MODX uses for passwords, the password is not recoverable from the hashed value. For you’re purposes, though, the data would have to be recoverable (decoded), which means it would not be very secure.

Maybe you could satisfy people by letting them pick a “display name” that would be used on-screen, and assuring them that no one can see their username but qualified administrators.