Skip to content
This repository was archived by the owner on Sep 9, 2025. It is now read-only.
This repository was archived by the owner on Sep 9, 2025. It is now read-only.

Is there a way to detect bad credentials? #343

Description

@nathanl

The meow attack makes it seem good to check one's instances for weak login credentials. But that's not straightforward to do. This function call:

Mongo.start_link(
      url: "mongodb://#{hostname}:#{port}/admin",
      username: username,
      password: password
    )

...returns {:ok, pid} even if the credentials are wrong.

Is there a way to try a simple connection and get back an {:error, reason} if the credentials are not valid?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions