[ https://issues.apache.org/jira/browse/CASSANDRA-6174?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14133020#comment-14133020 ]
Brandon Williams commented on CASSANDRA-6174: --------------------------------------------- base64 doesn't seem like any kind of improvement to me, we might as well just leave it in plaintext. > Cassandra keystore password is in plain text > --------------------------------------------- > > Key: CASSANDRA-6174 > URL: https://issues.apache.org/jira/browse/CASSANDRA-6174 > Project: Cassandra > Issue Type: Improvement > Components: Config > Reporter: Shahryar Sedghi > Priority: Minor > Labels: lhf > Attachments: 2.1-CASSANDRA-6174.txt > > > It is an extremely bad security practice to keep any password, particularly > keystore password in plain text. it can be easily obfuscated. -- This message was sent by Atlassian JIRA (v6.3.4#6332)