Currently when default authentication is in place many MongoDB commands such as mongodump, mongorestore, mongostat and mongotop require that the password is entered as a parameter in clear text. This risks the password being compromised (e.g. by shoulder surfing). All such commands should enable the user to enter the password without it being echoed, e.g. by prompting for it.