You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Matt Gilman (JIRA)" <ji...@apache.org> on 2018/03/22 13:05:01 UTC
[jira] [Commented] (NIFI-5001) Passwords are visible while typing
in(Possibility of shoulder attacks)
[ https://issues.apache.org/jira/browse/NIFI-5001?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16409491#comment-16409491 ]
Matt Gilman commented on NIFI-5001:
-----------------------------------
Thanks for filing this JIRA. I wanted to comment here to reference a similar effort [1] and it's PR [2]. In order to address these, we'll likely need to introduce a password flag or something similar in the Property Descriptors. Check out the discussion in the PR for the relevant details.
[1]https://issues.apache.org/jira/browse/NIFI-3439
[2]https://github.com/apache/nifi/pull/1546
> Passwords are visible while typing in(Possibility of shoulder attacks)
> ----------------------------------------------------------------------
>
> Key: NIFI-5001
> URL: https://issues.apache.org/jira/browse/NIFI-5001
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core UI
> Affects Versions: 1.5.0
> Reporter: Bhavishya Mathur
> Priority: Minor
> Labels: Nifi, browser, security, ui
> Attachments: Screenshot (157).png, Screenshot (158).png
>
>
> For all the processors and the controller services, the password field in the core UI is visible while we are entering the passwords. Thus, it opens an opportunity to shoulder attacks.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)