Exposing credentials

Is it dangerous if credentials for connecting Compass to Atlas are seen on Github? I have to share my project there anyway. Is it possible for someone else to use them somehow?

Hey @Valyo_Gennoff,

Welcome to the MongoDB Community!

It is advisable that you don’t push any type of credentials on the GitHub as it could be accessed by anyone on the internet if the repository is public.

Yet, you can prevent someone from accessing the database by whitelisting only the IP addresses which have database access authority. This is an extra layer of security. However, we still recommend you avoid sharing the credentials in the public domain to prevent misuse.


1 Like