phazonoverload
commented
3 years ago Hiyo! I work on the Developer Community team who run the Voyagers program - thanks so much for submitting this issue. For the sake of your Voyagers application I am happy with this exercise and I'll follow-up via email in the next few days. I'll leave this issue as-is for the team who work on the CLI to respond to in due course.
Note:
This issue is part of my Vonage Voyagers application process
Background
Currently, after a successful Nexmo (Vonage) CLI setup, when the account information command is run, it shows both the api_key and api_secret
The api_secret in particular is an important credential and I think that it should be hidden by default and the user account password should be required to reveal it. This is because once a user system is open, no other authentication is needed to get access to this sensitive data.
I understand this is an extra step but the api_secret isn't something that is required often hence the reason this step will not be a burden
System configuration
Node version: 13.8.0
NPM version: 6.13.6
Operating system: Mac OS 10.14.5