You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the database credentials are exposed in the bearer token. Though this solution is sufficient in deployments with HTTPS, it still relies on users being responsible client side. We should try to determine a solution to further mitigate the opportunity of user's credentials being compromised. Perhaps salting/hashing details in outbound token request and exposing only a salted/hashed version of credentials within the token.
The text was updated successfully, but these errors were encountered:
Currently the database credentials are exposed in the bearer token. Though this solution is sufficient in deployments with HTTPS, it still relies on users being responsible client side. We should try to determine a solution to further mitigate the opportunity of user's credentials being compromised. Perhaps salting/hashing details in outbound token request and exposing only a salted/hashed version of credentials within the token.
The text was updated successfully, but these errors were encountered: