[ https://issues.apache.org/jira/browse/NIFI-5001?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16409491#comment-16409491 ]
Matt Gilman edited comment on NIFI-5001 at 3/22/18 1:04 PM: ------------------------------------------------------------ Thanks for filing this JIRA. I wanted to comment here to reference a similar effort [1] and it's PR [2]. In order to address these, we'll likely need to introduce a password flag or something similar in the Property Descriptors. Check out the discussion in the PR for the relevant details. [1] https://issues.apache.org/jira/browse/NIFI-3439 [2] https://github.com/apache/nifi/pull/1546 was (Author: mcgilman): Thanks for filing this JIRA. I wanted to comment here to reference a similar effort [1] and it's PR [2]. In order to address these, we'll likely need to introduce a password flag or something similar in the Property Descriptors. Check out the discussion in the PR for the relevant details. [1]https://issues.apache.org/jira/browse/NIFI-3439 [2]https://github.com/apache/nifi/pull/1546 > Passwords are visible while typing in(Possibility of shoulder attacks) > ---------------------------------------------------------------------- > > Key: NIFI-5001 > URL: https://issues.apache.org/jira/browse/NIFI-5001 > Project: Apache NiFi > Issue Type: Bug > Components: Core UI > Affects Versions: 1.5.0 > Reporter: Bhavishya Mathur > Priority: Minor > Labels: Nifi, browser, security, ui > Attachments: Screenshot (157).png, Screenshot (158).png > > > For all the processors and the controller services, the password field in the > core UI is visible while we are entering the passwords. Thus, it opens an > opportunity to shoulder attacks. -- This message was sent by Atlassian JIRA (v7.6.3#76005)