In SmartReporting Able To See Login Credentials In Plain Text Over HTTPS URL.

Version 2
    Share:|

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy AR System Server


    COMPONENT:

    ITSM In-App Reporting 9.1.00


    APPLIES TO:

    Smart Reporting : 9.X



    QUESTION:

    In SmartReporting, suppose to see login credentials in plain text over https URL?


    ANSWER:

    This is common among web applications. The password field is submitted to the application in order to provide authentication.
    If the instance is secured by HTTPS, then it prevents this transfer from "eavesdropping."
    Since we are inspecting packets in our local browser, we will be able to see the information as though it is in plain text.
    As an example, we have the same behaviour in Facebook as well.


    Article Number:

    000161327


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles