Hi,

I'm currently updating systems to use CouchDB 1.1, and I'm changing my
cron replication scripts into docs in the _replicator database. Now,
I've noticed that the specified username/password for the target
database (on a remote server) remain in cleartext in the replication
doc, as opposed to old active tasks which would just show ****** for
the password.

In response, I've set readers for the security object of the
_replicator database, though any user account that can read that
database can still read the username/passwords.

Is there a better way to specify the target database credentials?


Cheers,

Zach