[ https://issues.apache.org/jira/browse/CASSANDRA-12411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15412099#comment-15412099 ]
Robert Stupp commented on CASSANDRA-12411: ------------------------------------------ Question here is: how shall cqlsh detect that e.g. {{we23dwenvhe}} is a password? What I mean is, that {{CRETE USER foo WITH PASSWORD 'bar';}} contains a valid password - but there's a syntax error in it - so cqlsh would not know that {{bar}} is a password. Passwords are just a special kind of sensitive information - and sensitive information could also be in DML statements. IMO a better and more general improvement would be a cqlsh command to disable/enable recording of commands in the history - e.g. {{HISTORY OFF}}/{{HISTORY ON}}. > Do not store passwords in .cassandra/cqlsh_history > -------------------------------------------------- > > Key: CASSANDRA-12411 > URL: https://issues.apache.org/jira/browse/CASSANDRA-12411 > Project: Cassandra > Issue Type: Improvement > Components: Core > Reporter: jonathan lacefield > > This is a request to ensure that passwords are not stored in the > cqlsh_history file. -- This message was sent by Atlassian JIRA (v6.3.4#6332)