Forum Discussion

mnagel's avatar
Icon for Professor rankProfessor
7 years ago

LMConfig Credentials Masking

Please consider either updating all ConfigSources to mask credentials when displayed (but perhaps leave them intact so full configurations can be reconstituted or displayed with a toggle if desired to see onscreen).  In some cases, credentials are easily cracked (e.g., IOS  type 7 encoded passwords or easily cracked IOS type 4 hashes) or are displayed in plaintext.  Having that viewable by default by anyone with access is a potential security problem.  See also previous request to increase granularity so this type of data can be excluded via RBAC settings.



1 Reply

Replies have been turned off for this discussion
  • Hi Mark,

    We have recently added another option within the Role configuration that lets you limit visibility of collected Config data to only those with management rights to the device. This is not the full additional RBAC granularity you're after, but does mean you can hide Config data from users with read-only access to those devices within LogicMonitor.

    Hopefully this helps, even if it doesn't completely fulfil your requests.