salto-io / salto

Salto enables you to manage your business applications' configuration in code
https://salto.io
Other
148 stars 89 forks

Alternative to storing credentials in clear-text #996

Open grzn opened 4 years ago

grzn commented 4 years ago

Saving the Salesforce password in clear text should be avoided.

ori-moisis commented 4 years ago

Thanks Guy for the feedback!

Better handling for credentials is definitely on our roadmap. One direction we are exploring is supporting storing credentials at different secret stores (e.g. remote/shared, or local like OSX keychain, Windows Credential Manager etc.), but we don’t have any plans finalized yet (will update on this ticket once we do).

What kind of a solution do you imagine?

grzn commented 4 years ago

Keychain and the like sound good; in the meantime, perhaps an option to type in the password on every fetch?


tomermevorach commented 4 years ago

Hi Guy, thanks for this improvement suggestion. It sounds right, and we will think about it and try to address this need.

kevin1ftp commented 1 year ago

Hi @ori-moisis and @tomermevorach - I wanted to check to see if any solutions for this have been implemented. Thanks!

ori-moisis commented 1 year ago

In most adapters we support authentication through OAuth now, where the tokens stored are not as sensitive as a password, which somewhat mitigated this issue (this is obviously not a full solution, just not as bad as storing a password).

We have not implemented alternative credential storages in the CLI yet.

kevin1ftp commented 1 year ago

Okay, good to know. Thank you for the quick response!
