Password Visible in plaintext History

Teradata Studio

Password Visible in plaintext History

Hello,

In using functions that require a username and password from the source system e.g. load_from_teradata, the password given is displayed in plain text in both the history window and the history file. This creates serious security concerns and occurs in both Teradata Studio and SQL Assistant. Is there a way to have passwords masked?

Thank you in advance.

Brandon

4 REPLIES
Teradata Employee

Re: Password Visible in plaintext History

Brandon, There currently is not a way to mask all passwords in the SQL History. We look for CREATE USER statements to mask the password value but it needs to be extended to other statements as you mention above. I have opened a JIRA to handle this.

Re: Password Visible in plaintext History

I apologize for the delay in responding. Thank you very much. Please keep me posted on the JIRA.

Brandon

Teradata Employee

Re: Password Visible in plaintext History

I'm a little confused here.

There are LOAD_TO_TD and LOAD_FROM_TD functions which the docs say should be used only within a Create Foreign Server statement. (Not called directly from SQL)

The Create/Replace Authorization statements do have passwords which should be masked - an oversight which I will correct in SQL assistant.

Is LOAD_FROM_TERADATA your own function, or is it a Teradata table operator that was somehow omitted from the Querygrid documentation. (I dont see this function on my test systems but then I dont have Querygrid installed on them.) 

Teradata Employee

Re: Password Visible in plaintext History

Are you maybe using Aster rather than Teradata?

That does have a Load_From_Teradata() function, and many others, that take a PASSWORD parameter. (I agree that these need to be masked.)