Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-7456

MongoDB commands requiring passwords should be able to prompt for its entry (without it being displayed)

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 2.2.0
    • Component/s: Security
    • None
    • Environment:
      RHEL 6

      Currently when default authentication is in place many MongoDB commands such as mongodump, mongorestore, mongostat and mongotop require that the password is entered as a parameter in clear text. This risks the password being compromised (e.g. by shoulder surfing). All such commands should enable the user to enter the password without it being echoed, e.g. by prompting for it.

            Assignee:
            schwerin@mongodb.com Andy Schwerin
            Reporter:
            simon.harvey@citi.com Simon Harvey
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: