Why do I have to re-enter my pwd when I change the host, port, or dialect for a connection?

Knowledge Drop

Last tested: Sep 22, 2020
 

We enforce this for several reasons:

  • Prevent user error
  • Security

Frequently, the Admin who setup a given connection will not be the only Admin on a Looker instance, or may not always have access to the database's details. Similarly, an Admin may fiddle with connection settings and accidentally save with bad ones. Given how many background/infrastructure tasks Looker can manage (PDTs, Schedules, Etc), a broken connection can have catastrophic consequences.

On the note of security, databases can have incredibly sensitive data. A bad, malicious, or compromised admin account could change the host and port to a malicious host, routing queries to an imposter server host and intercepting user/password combos. In the rare case this were to occur, sensitive PII and other data could be exposed, causing a severe data breach or data loss.

For these reasons, we intentionally require changes to a connection's host, port, or dialect settings to also be accompanied by the password being re-entered. Re-entering the password is like an "are you sure these are the changes you want to make" and an "are you authorized to make that change" prompt.

This content is subject to limited support.                

Version history
Last update:
‎07-07-2021 01:12 PM
Updated by: