civo / kube100

NOTE: This repo is no longer being maintained or monitored. If you are facing any issues, you could either create an issue on the other respective repos (if any) or directly reach to us via civo.com
29 stars 2 forks source link

Hide API key from security section #32

Open AugustasV opened 4 years ago

AugustasV commented 4 years ago

API token is security sensitive, it should be hidden by default. When I go to security I would like to see API token hidden - it should be only shown when I press on it.

andyjeffries commented 4 years ago

Bringing over my comment (slightly expanded in wording) from a Slack thread.

We show your token in https://www.civo.com/api if you're logged in too, we've had a few others say they'd rather this doesn't happen, but when we've discussed it in the past an overwhelming number say "no, keep it - this is really helpful/easy".

AugustasV commented 4 years ago

Still didn't get it why it should be shown. There is no need to remember API key, have perfect example how it should be. Hidden by default, but you still can copy a code and reset it. Twitch stream key I didn't see how it should be less helpfull if it will be hidden by default.

andyjeffries commented 4 years ago

We're discussing this internally and will update here when we have a decision/answer. Thank you.