-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Alternative to storing credentials in clear-text #996
Comments
Thanks Guy for the feedback! Better handling for credentials is definitely on our roadmap. What kind of a solution do you imagine? |
Keychain and alike sound good, in the meantime perhaps an option to type in the password on every fetch?
…On Wed, May 06, 2020 at 2:09 PM, ori-moisis < ***@***.*** > wrote:
Thanks Guy for the feedback!
Better handling for credentials is definitely on our roadmap.
One direction we are exploring is supporting storing credentials at
different secret stores (e.g. remote/shared, or local like OSX keychain,
Windows Credential Manager etc.), but we don’t have any plans finalized
yet (will update on this ticket once we do).
What kind of a solution do you imagine?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub (
#996 (comment) ) , or
unsubscribe (
https://github.com/notifications/unsubscribe-auth/AABKYFVNS6F2CK53JONE2J3RQFAM7ANCNFSM4M2IAICQ
).
|
Hi Guy, |
Hi @ori-moisis and @tomermevorach - I wanted to check to see if any solutions for this have been implemented. Thanks! |
Is most adapters we support authentication through OAuth now where the tokens stored are not as sensitive as a password which somewhat mitigated this issue (this is obviously not a full solution, just not as bad as storing a password). we have not implemented alternative credential storages in the CLI yet. |
Okay, good to know. Thank you for the quick response!
…On Wed, May 31, 2023 at 11:23 AM ori-moisis ***@***.***> wrote:
Is most adapters we support authentication through OAuth where the tokens
stored are not as sensitive as a password which somewhat mitigated this
issue (this is obviously not a full solution, just not as bad as storing a
password).
we have not implemented alternative credential storages in the CLI yet.
—
Reply to this email directly, view it on GitHub
<#996 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BAGLW2JIQMA7KL2F5M4HLL3XI5O63ANCNFSM4M2IAICQ>
.
You are receiving this because you commented.Message ID:
***@***.***>
--
<https://hubs.ly/H0GKX6_0>
Kevin Grondin [he, him, his]
Senior Data Architect
office +1-802-861-0460
HQ 50 Lakeside Ave., #341, Burlington, VT 05401
*location: *Massachusetts | time zone ET
<https://hubs.ly/H0GKWQh0> <https://hubs.ly/H0GKWL10>
<https://hubs.ly/H0GKWvF0> <https://hubs.ly/H0GKWMd0> [image:
https://meetings.hubspot.com/kevin-grondin]
<https://meetings.hubspot.com/kevin-grondin>
|
Saving the Salesforce password in clear text should be avoided.
The text was updated successfully, but these errors were encountered: