User authentication hard-coded login email

Hi folks

I have a security exposure with my login details.

The security dashboard gives me this message but I cannot find the offending fields! I have gone so far as to put ‘reset relevant fields’ after all my signin steps but the problem lives on.

I believe I am using dynamic data in every case.

Obviously this is a major exposure - not something I would design in to anything

Here is the error message if anyone can give me ideas?

Thanks so much!

Issue description

We identified the presence of hard-coded login credentials in a Log the user in action. This can open your app up to significant security vulnerabilities. We strongly recommend removing static email/password values and using dynamic data from inputs instead.

Additional details

Current workflow action settings:
Email: Email address
Password: *********

Post some screenshots to understand your issue. Do you have a relation plugin installed ?

Hi Lynhenning, I have resolved this issue but not sure how!

Not sure if there is a chance there has been a delay with buffering / updating my record. (I know that is technically a miniscule chance, but I have seen it in an extreme case in a previous life as a technical pm.

Thanks for responding though!

J.

Hi FYI, it seems to be that I had a placeholder to say what the pwd rules are. So AI saw that as text in the pwd field. So I put my instructions in the field title.

Cheers , J