Protect passwords and secrets. #257
Description
Is your feature request related to a problem? Please describe.
When adding secrets and or password to notifiers they should not be visible again.
Describe the solution you'd like
When modifying a notifier require secrets to be resubmitted. For a simple monitoring service some people will use weaker passwords which are more likely to be compromised. There are different levels of concern.
For example:
level 0: I don't care if someone gets access to a service that is simply monitoring my servers.
level 1: Someone gets access and can add monitors / notifiers. More concerning but not would ending.
level 2: Someone gets access and can see credentials to my notifiers which will give them the ability to use any of those services, one worse case is email. Depending on the setup could lead to more compromises.
Then there are multi-user concerns as well. I'm just starting to look at this project, I don't think multi-user has been added yet but this also reduces risk there as well. Even if a user has permission to modify the notifiers they would still need to provide the notifier's credentials.