Docs Menu

Docs HomeView & Analyze DataMongoDB Compass

Hide Credentials in Your Connection String

On this page

  • About This Task
  • Procedure
  • Compass Settings Panel
  • Command Line Example
  • Configuration File Example
  • Learn More

When you paste a connection string into the MongoDB Compass connection form, Compass shows credentials in plaintext by default. To hide credentials in the connection string, use the protectConnectionStrings option.

When protectConnectionStrings is enabled, users cannot perform the following actions:

  • Edit the connection string in the Compass connection form.

  • Copy the connection string in the Compass interface.

  • See the credentials when exporting a query.

To hide your your connection string credentials, enable the protectConnectionStrings option.

You can set the protectConnectionStrings option in either:

Settings panel location under the MongoDB Compass system menu

Alternatively, you can use keyboard shortcuts to open the Settings panel:

  • Windows / Linux: Ctrl + ,

  • Mac: + ,


Compass opens a dialog box where you can configure your MongoDB Compass settings.


The following command starts Compass from the command line and sets the --protectConnectionStrings option:

<path-to-Compass-executable> --protectConnectionStrings


The name and filepath of the Compass executable depend on your operating system.

You can specify the Compass configuration file in either EJSON or YAML format. The following configurations set the protectConnectionStrings option to true:

{ "protectConnectionStrings": true }
protectConnectionStrings: true

To learn more about the MongoDB Compass configuration file, see Configuration File Settings.

←  Display the Kerberos Password FieldRestrict Write Operations to MongoDB →