Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2021/04/16 20:02:39 UTC

[GitHub] [couchdb] natevw commented on issue #2794: Plaintext passwords in couchdb admin docs

natevw commented on issue #2794:
URL: https://github.com/apache/couchdb/issues/2794#issuecomment-821530877


> Yes, I was missing something. […] there was no point to using a cookie over the password.

But doesn't this point still stand?

> One admin could never know the actual password of another user.

I.e., it seems like the tradeoffs are:

* store session cookie — does not expose the plaintext password, but is not long-term or cross-instance valuable [which is the *benefit* of using it, but will cause the replication to fail sooner or later]
* store password — long-term valuable leaked personal secret, but the replicator will keep working until/unless the user rotates their password

Probably the best workaround in a multi-admin situation would be to create a shared replicator user with its own password which gets rotated in exceptional situations (staff changes, suspected leak, scheduled policy…).
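The tradeoff above is easier to act on if an admin can see which `_replicator` documents carry a long-lived password versus an expiring session cookie. The following audit script is an added example, not CouchDB project code or anything natevw posted; the sample documents, hostnames and credential values in it are constructed, and it assumes the endpoint shapes CouchDB accepts (a bare URL, or an object with `url`, `headers` and `auth.basic`).

```python
"""Classify credentials stored in CouchDB _replicator documents.

Added example (not CouchDB project code). Each endpoint is reported as
carrying a plaintext password, a session cookie, or no credential.
"""
from urllib.parse import urlsplit

PLAINTEXT = "plaintext_password"
COOKIE = "session_cookie"
NONE = "none"


def classify_endpoint(endpoint):
    """Credential class for a replicator 'source' or 'target' endpoint."""
    if isinstance(endpoint, str):
        url, headers, auth = endpoint, {}, {}
    else:
        url = endpoint.get("url", "")
        headers = endpoint.get("headers") or {}
        auth = endpoint.get("auth") or {}
    # Userinfo in the URL (https://user:pass@host/db) is a stored password.
    if urlsplit(url).password is not None:
        return PLAINTEXT
    # auth.basic.password is the structured equivalent of the same thing.
    if (auth.get("basic") or {}).get("password"):
        return PLAINTEXT
    # An AuthSession cookie expires, so no long-term secret is stored.
    cookie = next((v for k, v in headers.items() if k.lower() == "cookie"), "")
    if "AuthSession=" in cookie:
        return COOKIE
    return NONE


def audit_replicator_docs(docs):
    """Map each doc _id to the worst credential class of its endpoints."""
    rank = {NONE: 0, COOKIE: 1, PLAINTEXT: 2}
    report = {}
    for doc in docs:
        classes = [classify_endpoint(doc[k]) for k in ("source", "target") if k in doc]
        report[doc["_id"]] = max(classes, key=rank.get, default=NONE)
    return report


# Constructed sample documents; hosts, users and secrets are made up.
SAMPLE_DOCS = [
    {"_id": "r1", "source": "https://alice:s3cret@db.example/a", "target": "https://db.example/b"},
    {"_id": "r2", "source": {"url": "https://db.example/a", "headers": {"Cookie": "AuthSession=YWxpY2U6..."}}, "target": "https://db.example/b"},
    {"_id": "r3", "source": {"url": "https://db.example/a", "auth": {"basic": {"username": "repl", "password": "x"}}}, "target": "https://db.example/b"},
]

if __name__ == "__main__":
    for doc_id, cls in audit_replicator_docs(SAMPLE_DOCS).items():
        print(doc_id, cls)
```

Documents reported as `plaintext_password` are the ones where the shared, rotatable replicator user suggested above would replace a personal admin password.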

