Personal token auth should be only visible after entering the password #13710
Labels
c: Security
For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
duplicate
For issues that already existed in our issue tracker and were reported previously.
Milestone
Currently, you only need to click to view the token auth. I reckon instead we should ask a user to enter the password again before showing it. We could potentially always show the first 5 characters though. from @tsteur
The text was updated successfully, but these errors were encountered: