Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-22942

Job Import Plugin: Password field is cleartext

    XMLWordPrintable

Details

    Description

      Job import plugin has the "Passwor/API key" in cleartext. Contents of this field are stored on the server so anyone can see the password of the user that previously imported jobs via the plugin.

      I understand that API keys are preferred to be in cleartext. So ideal solution may be to split this into two separate fields: Password that will be a real password field (with obscured input) and API key that will show the key in cleartext.

      Attachments

        Issue Links

          is duplicated by

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-33307 Password not Masked when Importing from Secured Jenkins Instance

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          links to

          Web Link PR

          Web Link PR

          Activity

            People

              escoem Emilio Escobar
              paweldefee Pawel Defee
              Votes:
              7 Vote for this issue
              Watchers:
              13 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: