Security issue
If Compass is open and user clicks on a connection Favorite, any password embedded in the connection string is displayed in Clear Text. The password can be stolen or if the computer display is projected or shared.
Even with the use of LDAP authentication, the password is displayed in clear text defeating high security compliance policies.
- is duplicated by
-
COMPASS-4167 Paste Connection String showing password in plain text
-
- Closed
-
- is related to
-
COMPASS-4090 Set Default Connection Screen to the Most Recent Connection Method (Connection String or Individual Fields)
-
- Closed
-