Using the Secure Macro
The heart and soul of the Security and Encryption add-on is the Secure macro. This page gets you up and running to secure your data. Users are only able to view the encrypted text after entering their Confluence password.
Let's encrypt some secret information, decrypt it and view its Audit Log.
Security and Encryption
Encrypting the Text
Insert a Secure macro.
You should now see the following pop-up window:
Enter a Title. This is the text that will appear to anyone who is viewing the page. Try to keep it short yet descriptive.
Now enter the text that you would like to encrypt in the Secret field.
Next, click the Who can access drop down list, so you can assign the access accordingly. You can choose to make it accessible for Specific User(s) or Group(s), you can also opt to exclude certain User(s) or Group(s), or just make it accessible to the Owner.
Then, type in a user or user group to limit who gets to see the encrypted text.
If you leave the User(s) and Group(s) fields blank, then only you (the creator of the macro on the page) will be able to view it.
You should have something that looks like this:
And after you click Insert, you will have something that looks like this in the Confluence editor:
Save the page to see the following:
A blue button with the title you entered will be displayed on the page.
To decrypt the text, click the blue button and follow the instructions provided.
For more information on decrypting the text, consult the following section.
Decrypting the Text
Ensure you have access to the page with the Secure macro and you are one of the users that have been granted permission in the macro.
Click on the blue button with the small lock icon. It should look something like this:
The following screen will appear:
Enter your Confluence password and click Decrypt.
Why do I need to enter my password?
You also have the option to prevent the Secure macro from asking you for your password for the next 5 minutes.
For more information: Managing Password Timeouts in the Secure Macro.
If your Confluence password is successfully authenticated, the following screen will be displayed.
The password will only be revealed after the additional step of clicking the Reveal button.
The decrypted text will then be displayed inline within the page.
To skip revealing the password, simply click the Copy to clipboard button to easily paste your password elsewhere.
Copy the text quickly because Managing Password Timeouts in the Secure Macro.
After the preset time has elapsed, the window will disappear and you may have to enter your Confluence password again if you did not check the Don't ask me again in the next 5 minutes option.
Viewing Audit Logs
Audit logs are available to show who has decrypted and seen this information.
Click the button and enter your Confluence password when prompted to display the encrypted information.
At the bottom of the dialog window, click View audit log.
How the Encryption Works to Keep Your Text Secure
Your text is kept secure as much as possible along the way:
What is Secure Info?
We take security very seriously. Your credentials are never sent as plain text and is encrypted using PGP, AES-128 and other security measures. This secure info is client specific and is only used to reconfirm the identity and reauthenticate the requesting user.