[
https://issues.apache.org/jira/browse/CASSANDRA-6279?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13810658#comment-13810658
]
Brandon Williams commented on CASSANDRA-6279:
---------------------------------------------
I think if you're fancy enough to be using auth, you're fancy enough to use
your own client (or at least cqlsh instead.) Any kind of arg erasing or
password input isn't really worth the effort in the cli at this point.
> command-line tool shouldn't require password
> --------------------------------------------
>
> Key: CASSANDRA-6279
> URL: https://issues.apache.org/jira/browse/CASSANDRA-6279
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Peter Halliday
> Priority: Minor
>
> If you use nodetool and cassandra-cli, and have Thrift authentication, then
> you are required to pass in the password on the command-line. This is a
> potential security issue. For those that choose to do so, that's fine.
> However, ideally, there would be a method of not doing that, which would
> prompt you to enter a password. Understanding that no method is complete
> "secure", this would be certainly more so.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
