Open AugustasV opened 4 years ago
Bringing over my comment (slightly expanded in wording) from a Slack thread.
We show your token in https://www.civo.com/api if you're logged in too, we've had a few others say they'd rather this doesn't happen, but when we've discussed it in the past an overwhelming number say "no, keep it - this is really helpful/easy".
Still didn't get it why it should be shown. There is no need to remember API key, have perfect example how it should be. Hidden by default, but you still can copy a code and reset it. I didn't see how it should be less helpfull if it will be hidden by default.
We're discussing this internally and will update here when we have a decision/answer. Thank you.
API token is security sensitive, it should be hidden by default. When I go to security I would like to see API token hidden - it should be only shown when I press on it.