On this page
Provides the ability to hide credentials from queries.
Passing credentials in queries can leave them exposed in plain text during parameterization which means they can be seen in logs and the process list.
SECRET() takes a string (such as a password or other sensitive information) and replaces it with the literal string "<password>" during parameterization.
str: any string
There are two cases where the string passed in the
SECRET()function could still be exposed:
SECRET()is used as a column without an alias:SELECT SECRET(argument);
Instead, use something like:SELECT SECRET(argument) AS column_name;
NOPARAM()function is combined with
CALL db.log_in_now('root', SECRET('super-secret-password'));
Last modified: November 18, 2022