I was looking for something today and happened to open a file Toad.log , in the
\appdata\roaming\quest software\toad data point 4.2 directory.
I noticed a password in the log, in the clear. ouch!
All the entries in that file are Feb 8, none before, none after - but I do not recall what I was doing that day and why. What action causes Toad.log to be written? Did i enable some kind of trace? I just don't remember what I might have been doing or experimenting with that day.
If it helps, the connection type says "HIVE" - but I couldn't guess whether i was using the native hive driver, or the ODBC Hive driver. I do not use the native driver any more, so not sure why I'd be looking at that. All our Hive connections use Kerberos now, and passwords are from Active Directory (AD).
Anyway - this seems like a security exposure that should be looked at. Writing clear passwords in a log file is never a good idea.