I am implementing the LDAP authentication, but when I do a grep in the H2 .db file I can see the user password to connect to the LDAP as a text plain. How can I implement an encryption?
Hey you could configure metabase on HTTPS this way you know your connection and connection details are encrypted.
I am not talking about the HTTPS/TLS but the .db file. In my case I am runnning the Metabase in a Linux box and if I do strings myfiledb | grep password I can see my user account password that I entered in the GUI.
It is a security issue cause the best practices says that you should always persist sensitive data (like passwords) encrypted.
I am already using the setting the environment variable MB_ENCRYPTION_SECRET_KEY=blablabla, however it still not work.
Even following what is described in the documentation below, it still not working…
Documentation transcription: “Metabase will securely encrypt and store the connection details for any new Databases you add. (Connection details for existing databases will be encrypted as well if you save them in the admin panel). Existing databases with unencrypted details will continue to work normally.”
So, any idea ?