Why is the password input under HTTP Settings type=“text” and not type=“password”? Exposing plain text passwords seems like bad practice
Hi @kmcintyre,
Welcome to the Dato forum!
I suppose you’re right about that, but the webhook settings are usually for developers anyway. And since that’s a client-side mask only, devs could easily reveal the actual password if they wanted to… so marking it as a password field would really only serve to make it harder for people to look over their shoulders, without adding any “real” security.
If your goal is to make other editors not see the webhook auth password, you can use our roles & permissions system to altogether hide webhooks settings from them:
Would that work?
If you’re concerned about the security of the password itself, well, I think our server has to store it as plaintext anyway in order for us to send it via HTTP basic auth. So if the goal is to hide it from the DatoCMS user altogether, we’d have to prevent the actual password from ever getting sent to your browser, which means your devs would only be able to overwrite the password with another one, and not see what it’s currently set to. That’d be a significant UX difference vs the current system.
Is that what you’re concerned about, or just someone looking over their shoulders, or…?
I suppose a compromise might be the “reveal password on eyeball click” pattern? But is that what you’re asking for, or?
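As an added illustration of the two points in this reply (Basic auth needs the secret in recoverable form on the server, and the alternative is a write-only field where the browser only ever sees a placeholder), here is example code that is not DatoCMS’s own; the class, field names and the `********` placeholder are assumptions made up for the example:

```python
import base64
from dataclasses import dataclass

REDACTED = "********"  # placeholder the browser sees instead of the real secret


@dataclass
class WebhookSettings:
    """Server-side record for one webhook (constructed example, not DatoCMS's model)."""
    url: str
    basic_user: str
    basic_password: str  # must stay recoverable: Basic auth resends it on every call

    def to_client_view(self) -> dict:
        """What gets serialised to the browser: the secret itself never leaves the server."""
        return {
            "url": self.url,
            "basic_user": self.basic_user,
            "basic_password": REDACTED,
            "has_password": bool(self.basic_password),
        }

    def apply_client_update(self, payload: dict) -> None:
        """Accept an overwrite; ignore the placeholder a form echoes back unchanged."""
        self.url = payload.get("url", self.url)
        self.basic_user = payload.get("basic_user", self.basic_user)
        new_pw = payload.get("basic_password")
        if new_pw is not None and new_pw != REDACTED:
            self.basic_password = new_pw

    def authorization_header(self) -> str:
        """Build the header the server attaches when it fires the webhook."""
        raw = f"{self.basic_user}:{self.basic_password}".encode()
        return "Basic " + base64.b64encode(raw).decode()


def decode_basic(header: str) -> tuple:
    """Basic auth is an encoding, not a hash: anyone holding the header gets the secret back."""
    scheme, _, token = header.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic auth header")
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password
```

The round trip through `decode_basic` is why the stored value cannot be a one-way hash the way a login password would be; the write-only update path is what limits who can read it back.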
Thank you for the fast reply!
Something like the hide-secret eye would fix the look-over problem, though using the built-in password input would probably be best. I commented because I was able to go into my JavaScript console and add type=“password” to the input, and it added the typical **** star obfuscation and copy prevention, so I figured maybe it was an oversight.
OK, thank you for clarifying!
I’ll let our UX person know about this.