Password in default.json stored in non-encrypted form

Post Reply
NI3
Posts: 87
Joined: Fri Apr 07, 2017 5:12 am

Password in default.json stored in non-encrypted form

Post by NI3 » Tue Dec 03, 2019 3:09 am

Hi Team,

Is there a way to keep passwords in default.json in encrypted form because plain non-encrypted password is a security risk for me. For e.g anyone can see password of my postgres and connect to my postgres db.

If there is any provision to store such sensitive data in encrypted form in default.json then please let me know. If there is no such thing, can we expect this logic in next release of DocumentServer?


Thank You.

Carl
Posts: 221
Joined: Thu Apr 12, 2018 10:00 am

Re: Password in default.json stored in non-encrypted form

Post by Carl » Tue Dec 03, 2019 1:38 pm

Hello,

There is no way to encrypt the content of Document Server configs. What do you mean by
For e.g anyone can see password of my postgres and connect to my postgres db.
?
You shouldn't provide access to your server to the users you don't trust.

Post Reply