See also: Partners, Databases and connectors, Two-factor authentication (Concept)
Release 26.1.
Paranoid mode is a security flag in the configuration file ./etc/startup.xml. When enabled, the Lobster Data Platform hides all stored passwords in the user interface. No user can reveal a stored password. This includes administrators.
How paranoid mode works
When set to true:
The system removes the eye icon used to reveal passwords in plaintext.
The change applies to all password fields across the platform.
Stored passwords still work for authentication. They are hidden, not deleted.
When set to false (default), the following users can view and edit stored passwords:
Administrators: in all areas.
Users with the permission Partner management: in the Partner administration area only.
Impacted areas
Paranoid mode hides the eye icon in:
Partner administration: for example, partner channels and MQTT passwords.
Databases and Connectors: for example, database connection passwords.
Configuration
Paranoid mode is configured in ./etc/startup.xml. Locate this element:
<!-- paranoid settings; if set to true no passwords are shown to admin users -->
<Set name="paranoid">false</Set>To enable Paranoid mode, set the value to true:
<Set name="paranoid">true</Set>NOTE
A restart of the Integration Server is required. The changes takes effect only after a restart.
Default value
false. Paranoid mode is disabled by default.
Password visibility
The table describes the baseline behavior with Paranoid mode disabled.
User type | Can view and edit passwords? |
|---|---|
Administrator | Yes, in all areas. |
User with Partner management permission | Yes, in Partner administration area only. |
User without Partner management permission | No. |
When Paranoid mode is enabled, no user can view stored passwords. This rule overrides the user permissions above. Passwords can still be set or changed. Existing values stay hidden.