Loading...

XML

Word

Printable

JSON

Type: New Feature
Resolution: Done
Priority: Major - P3
Fix Version/s: 4.1.2
Affects Version/s: None
Component/s: Security
Labels:
- platforms_security

Backwards Compatibility:
Fully Compatible
Sprint:
Platforms 2018-07-30
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

When a user is created or when we update a password in the shell, the password is in plain text.

Can we have a way to mask password on user creation? For example, by prompting for the password with echo off.

Such feature could also be implemented on password change.

is related to

SERVER-3788 version of auth() that prompts for password so it is never displayed

Closed

SERVER-36803 Ability to prompt for user input in shell

Closed

SERVER-36802 Don't omit db.auth() et al from shell history if they don't contain string literal password

Closed

Assignee:: Kashish Garg (Inactive)
Reporter:: Davenson Lombard
Participants:: Davenson Lombard, Githook User, Kashish Garg, Kevin Pulo
Votes:: 0 Vote for this issue
Watchers:: 13 Start watching this issue

Created:: Jun 03 2016 02:39:39 PM UTC
Updated:: Jan 08 2024 03:23:15 PM UTC
Resolved:: Jul 27 2018 08:32:56 PM UTC
Confidence Status Last Update:: 20/Jul/18 3:52 PM