How to avoid displaying password with Mongo shell logon

16 March,2021 by Jack Vamvas

Question: I'd like to document a procedure to logon with Mongo shell but to not display the password . The situation is I'm running a the mongo Shell and then storing the command in a text file . Clearly this causes a security threat problem. Is there an option to avoid this situation

 

mongo --port 27017 -u "myUser" -p "myPw" --authenticationDatabase "admin"

 

Answer: This is an interesting problem - it's not uncommon to end up with connection strings with hard coded passwords across the network , desktops , internal sharepoint sites and anywhere you can store a connection string.

There are a few different options to hide the password. A straightforward method is to force a password prompt. You trigger the password prompt by using the -p switch but not adding the password

 Store the mongo shell command using -p but with no password stored. This will force a prompt for the password

mongo --port 27017 -u "myUser" -p  --authenticationDatabase "admin"

 

 


Author: Jack Vamvas (http://www.dba-ninja.com)


Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on How to avoid displaying password with Mongo shell logon


dba-ninja.com