Passwords used in selenium tests are visible in Sauce Labs logs #4
Description
Goal: We want to continuously test that MPASS login flow works both in testing and production.
Problem: When using Sauce Labs for testing the selenium tool logs key strokes. It doesn't know it is writing key presses to input form that is a password field. For this reason based on the information available in travis-ci logs anyone can access Sauce Labs and see the password entered in testing.
At the moment Sauce Labs does not have support for hiding this information:
- https://saucelabs.ideas.aha.io/ideas/SLIDEA-I-135
- https://support.saucelabs.com/customer/portal/questions/15900681-visibilty-of-tests-and-logs
- https://support.saucelabs.com/customer/portal/questions/14364679-disabling-log-recording-not-working
Even if recodLogs is set to False in selenium browser capabilities it is still possible to see the password from logs.
It is important to keep in mind now and in the future that all keystrokes are logged by Sauce Labs.