Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't store jira password in plaintext #65

Open
adamof opened this issue Nov 2, 2017 · 1 comment
Open

Don't store jira password in plaintext #65

adamof opened this issue Nov 2, 2017 · 1 comment

Comments

@adamof
Copy link

adamof commented Nov 2, 2017

Hey guys, I was wondering if there is a way to not store the Jira password in plaintext. I haven't done any research yet, but maybe you guys have thought about something?
@pedrocunha
Copy link
Collaborator

Hey @adamof - very good point and been want to address this for a long time, however depends on how you want to think about it. It is your machine which is theory should not be accessible. I bet you are probably also using the AWS CLI which also stores things in plaintext. Not saying that is a good pattern but sometimes plaintext is ok if you comfortable that there is some other auth mechanism. For example encrypted filesystem + system protected by a strong password.

Do you know what we could potentially implement here? I think JIRA supports OAuth authentication but the dance between CLI and webpage is a bit meh - a la Heroku.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pedrocunha @adamof