DEV Community


Discussion on: How to Encrypt your Maven Password

isaric profile image
Ivan Šarić

Hi, thanks for the tutorial. What I don't get is what are the benefits of this approach? If someone has access to your settings xml file, wouldn't they also have access to your security-settings.xml? Both are in .m2 according to your tutorial.

khmarbaise profile image
Karl Heinz Marbaise

Hi Ivan,

the location for settings.xml and security-settings.xml is by default your home directory ($HOME/.m2/) which is by default secured by your login (username/password). This is the first barrier and the second one of course is, as Scott wrote is that in none of them is a clear text password.

Kind regards
Karl Heinz Marbaise