Another storage method uses Drupal’s hash_salt as an encryption key.

The hash_salt is already used as a secure key for generating one-time links, hashing passwords, and other security-critical operations. It can also be protected from being stored directly in settings.php.

If the hash_salt were ever compromised, the entire site’s security would be at risk. Because it is such a critical and trusted secret, it can also serve as a secure basis for encrypting stored data.

This module extends functionality of the Key module.
For more details, see issue issue #3028014.

Supporting organizations: 
Front ID
Bordeaux Metropole
Development

Project information

Releases

2.0.1 Stable release covered by the Drupal Security Team released 5 December 2025
Works with Drupal: ^10.3 || ^11
Install:

Development version: 2.x-dev updated 5 Dec 2025 at 11:54 UTC

1.0.1 Stable release covered by the Drupal Security Team released 4 July 2023
Works with Drupal: ^8.7.7 || ^9 || ^10
Install:

Development version: 1.x-dev updated 2 Jul 2023 at 08:57 UTC

Using Composer to manage Drupal site dependencies