[COMPASS-6161] Hide password during screenshares / Zoom Hide password when in Editing connection string > Editing password mode Created: 04/Oct/22  Updated: 29/Oct/23  Resolved: 16/May/23

Status: Closed
Project: Compass
Component/s: Security
Affects Version/s: 1.33.1
Fix Version/s: 1.37.0

Type: Task Priority: Critical - P2
Reporter: Felicia Hsieh Assignee: Basit Chonka
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

macOS 12.6
Compass 1.33.1


Attachments: PNG File Screen Shot 2022-10-04 at 9.25.22 AM.png     PNG File Screen Shot 2022-10-05 at 5.02.17 PM.png     PNG File Screen Shot 2022-10-05 at 5.12.15 PM.png    
Issue Links:
Documented
Issue split
split to COMPASS-6788 Set default behavior such that "Edit ... Closed
Related
related to COMPASS-6066 Implement protectConnectionStrings op... Closed
Story Points: 3
Documentation Changes: Needed
Documentation Changes Summary:

We only show the password when user is focused on the input field.

Sprint: Iteration Brontosaurus

 Description   

Problem Statement/Rationale

What is going wrong? What action would you like the Engineering team to take?

Please be sure to attach relevant logs with any sensitive data redacted.

Password can still be seen when in during screenshares / Zoom Hide password when in Editing connection string mode>Editing password mode.

Password should be hidden. There needs to be a 2nd level of protection.

Steps to Reproduce

How could an engineer replicate the issue you’re reporting?

Edit a connection string > Edit the password field. Look at the  URI (connection string) field.

Expected Results

What do you expect to happen?

Password to remain hidden with "*****" until intentionally revealed at another level.

As a suggestion, other websites use the "eye" icon like https://www.csestack.org/hide-show-password-eye-icon-html-javascript/

Actual Results

What do you observe is happening?

As the password field is edited in editing connection string mode, the password is revealed on the connection string field.

Additional Notes

Any additional information that may be useful to include.

Reported by a customer



 Comments   
Comment by Githook User [ 22/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: 1.37-releases
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 20/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: COMPASS-6664-guide-cue-stage-wizard
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 18/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: COMPASS-6666-use-case-drag-n-drop
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 17/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: test-read-6.0-QE
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 17/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: COMPASS-6725-aggregation-preview-export
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 16/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: COMPASS-6788-edit-conn-string-disable-global-config
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 16/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: feat(connection-form): show password only when user focuses on input COMPASS-6161 (#4370)

Co-authored-by: Sergey Petushkov <petushkov.sergey@gmail.com>
Co-authored-by: Anna Henningsen <anna.henningsen@mongodb.com>
Branch: main
https://github.com/mongodb-js/compass/commit/8f87727f0c7c68d00a327e5cab301c973a316294

Comment by Githook User [ 15/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: Merge branch 'main' into COMPASS-6161-show-password-on-focus
Branch: COMPASS-6161-show-password-on-focus
https://github.com/mongodb-js/compass/commit/fb492b6bd91e5e27946cea1ba9c04f9a070cf885

Comment by Githook User [ 12/May/23 ]

Author:

{'name': 'Basit', 'email': '1305718+mabaasit@users.noreply.github.com', 'username': 'mabaasit'}

Message: Merge branch 'main' into COMPASS-6161-show-password-on-focus
Branch: COMPASS-6161-show-password-on-focus
https://github.com/mongodb-js/compass/commit/d9dcc414415340699173ac3c53cbdf0bcfdee03d

Comment by Anna Henningsen [ 02/Nov/22 ]

felicia.hsieh@mongodb.com Please note that we are also introducing a protectConnectionStrings mode, which may or may not be a viable solution for the customer. See COMPASS-6066 for details on that.

Generated at Wed Feb 07 22:42:08 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.