Throughout the OHDSI documentation and examples database credentials are exposed in plain text.
connectionDetails <- createConnectionDetails(dbms="postgresql", server="localhost/cdm", user="ohdsi", password="blah")
Perhaps we can consider encouraging best practices for securing credentials by modifying examples and template code. RStudio has some helpful guidance: https://db.rstudio.com/best-practices/managing-credentials/
Here is an idea for a template that encourages keeping passwords secure (i.e. not saved in .R or .Rhistory files)
keyring::key_set(service = "cdm", username = "ohdsi") connectionDetails <- createConnectionDetails(dbms = "postgresql", server = "localhost/cdm", user = "ohdsi", password = keyring::key_get("cdm", "ohdsi"))
Other options might be rstudioapi::askForPassword(), askpass::askpass(), or using environment variables.