security mongodb backup

mongodb secure backups and file protection


Is there any tool to take a MongoDB backup with password protection / encryption? If MongoDB database files fall into the wrong hands, can they attach them to a mongod instance and get access to the data (even if I have user / password protection for the db)?

Thanks!


Solution

  • As far as I know there is no official tool to encrypt your MongoDB data as an export or as a database on disk. Right now, if someone gets full access to your files on disk, you are compromised. It is trivial to attach a mongod instance to a db folder. A common solution to this problem is to use your application to encrypt/decrypt the fields of a collection you want to keep secret, only storing the encrypted version in the database. (But also please note that MongoDB does support SSL for encrypted connections between machines.)

    If you wanted to make secure backups, one avenue would be to use the mongodump utility to write a dump of your database to a TrueCrypt drive, or some other encrypted filesystem/folder. Additionally, there are some third-party tools in place for dealing with encryption in mongodb. A quick search reveals that http://www.gazzang.com/products/zncrypt/mongodb seems to be a popular solution.
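
A variant of the encrypted-backup approach above, added here as an example and not part of the original answer: instead of dumping onto an encrypted volume, the dump stream is piped through OpenSSL so plaintext never reaches the backup disk. It assumes mongodump 3.2+ (`--archive`, `--gzip`) and OpenSSL 1.1.1+ (`-pbkdf2`); the function names are hypothetical, and `openssl enc` provides confidentiality only, not tamper detection.

```shell
#!/usr/bin/env bash
# Added example (not from the original answer). Function names are hypothetical.
# Assumes mongodump >= 3.2 and the OpenSSL >= 1.1.1 command-line tool.

# Refuse a passphrase file that group or other users can access.
check_keyfile() {
    [ -r "$1" ] || { echo "key file not readable: $1" >&2; return 1; }
    case "$(ls -ld "$1")" in
        -??-------*) return 0 ;;   # 0600 or 0400 only
        *) echo "key file must be mode 0600 or 0400: $1" >&2; return 1 ;;
    esac
}

# encrypt_stream KEYFILE OUTFILE: stdin -> AES-256-CBC ciphertext, created 0600.
# The passphrase is read from the first line of KEYFILE, never from argv.
encrypt_stream() {
    check_keyfile "$1" || return 1
    ( umask 077
      openssl enc -aes-256-cbc -pbkdf2 -iter 200000 -salt \
          -pass "file:$1" -out "$2" )
}

# decrypt_stream KEYFILE INFILE: ciphertext file -> plaintext on stdout.
decrypt_stream() {
    check_keyfile "$1" || return 1
    openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 \
        -pass "file:$1" -in "$2"
}

# backup_mongo URI KEYFILE OUTFILE: dump, compress and encrypt in one pipeline.
# A failed dump removes the partial output so it is not mistaken for a backup.
backup_mongo() {
    ( set -o pipefail
      mongodump --uri="$1" --archive --gzip | encrypt_stream "$2" "$3" ) \
        || { rm -f "$3"; return 1; }
}

# Restore: decrypt_stream KEYFILE OUTFILE | mongorestore --archive --gzip
if [ "$#" -eq 3 ]; then
    backup_mongo "$1" "$2" "$3"
fi
```

Keep the passphrase file off the host that stores the backups; anyone holding both can decrypt the dump and load it into their own mongod.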