top | item 41504981

(no title)

epalm | 1 year ago

Looks nice, both the site and the app! The first thought I had though was, here's a central place where potentially hundreds, thousands, perhaps tens of thousands (or more, depending on how successful you are) of database credentials are stored. Your https://visualdb.com/datasecurity/ page says "Database credentials are encrypted before being stored" but how do I know that? Encrypted how? This equates to "I pinky promise I won't get hacked, and even if I do, all your passwords would be impossible to crack anyways". Security-conscious users probably will need a bit more than that. Any thoughts on using other authentication methods?

Edit: as other commenters have mentioned, an on-prem version would certainly ease concerns a bit.

discuss

sandhya6|1 year ago

Thanks for raising those points. To maximize security we are prioritizing on-prem version.

gregw2|1 year ago

Don't store database credentials at all. Ensure your product and recommended database configuration supports SSO/SAML/etc with credentials managed through Okta or Active Directory. You'll need that if you go up-market into an enterprise.

anakaine|1 year ago

[deleted]