Closed cyber-shifter closed 2 months ago
Euh, it should NOT be logged. So I will have a look into that.
My goal is NOT to log sensitive data.
Oh! Well! I'm glad I said something. I wasn't going to originally.
Done!. It now logs stars.
Excellent!! My paranoid IT brain can rest easier.
I'm not sure if anyone has thought about this or not, but I noticed this when looking for some other information in the logs. When you fail to log in with an administrator account to TerrariumPi, it puts the "password" that was used for the attempt in plain text, in the logs. Obviously whether or not this represents sensitive information depends on your personal stance and experience. As someone who works in IT every day, this isn't something I would like my devices doing. But I'm also a bit paranoid about IoT devices. So I wanted to just start the conversation about it I guess.