[
https://issues.apache.org/jira/browse/CASSANDRA-12411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15412099#comment-15412099
]
Robert Stupp commented on CASSANDRA-12411:
------------------------------------------
Question here is: how shall cqlsh detect that e.g. {{we23dwenvhe}} is a
password? What I mean is, that {{CRETE USER foo WITH PASSWORD 'bar';}} contains
a valid password - but there's a syntax error in it - so cqlsh would not know
that {{bar}} is a password.
Passwords are just a special kind of sensitive information - and sensitive
information could also be in DML statements.
IMO a better and more general improvement would be a cqlsh command to
disable/enable recording of commands in the history - e.g. {{HISTORY
OFF}}/{{HISTORY ON}}.
> Do not store passwords in .cassandra/cqlsh_history
> --------------------------------------------------
>
> Key: CASSANDRA-12411
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12411
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Reporter: jonathan lacefield
>
> This is a request to ensure that passwords are not stored in the
> cqlsh_history file.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
