Join our discord community

Please or Register to create posts and topics.

secure shotgun login information


I noticed that shotgun passwords and api keys are stored without encryption and can be easily read/copied with a simple text editor from the .yml files.

Would it be possible to implement a way to store them more securely ?

thanks !

Hey @maelfr

we could store an encrypted version of the password and api keys in the config file.

But since Prism is open source everyone could check the code how the data gets encrypted and decrypted. It would be a bit more effort to get the passwords, but if someone really wants to get it, he would get it.

Let me know if that would still help you or if you have a more secure way.



hello Richard,

I think that this extra step would at least be a bit more secure than having the current password visible clearly. I do not have the technical know how to think about a more secure way but implementing this would be great 🙂