Skip to content

Username and Password in URI (Connection String)

Service Name: Database Connection String

Service Description: A connection string containing embedded username and password credentials used to authenticate to databases, APIs, or other services via URI format.

Service Address: [https://www.connectionstrings.com/](https://www.connectionstrings.com/)

Username and Password in URI

URI_USERNAME_AND_PASSWORD

  • Validation Type: API Auth

  • IP Allow list: Does not exist

  • Secret Access Scope: Grants direct access to the database or service specified in the URI with the privileges of the embedded user account.

  • Secret Revokement URL: Does not exist

  • Secret Example: postgres://admin:p@ssw0rd@database.example.com:5432/mydb

  • Suspicious Activity Investigation Instructions:

    • Check access logs for the database or service to identify unusual access patterns or unauthorized queries.

    • Review database audit logs for suspicious operations performed using the credentials.

    • Monitor for unusual data transfer volumes that might indicate data exfiltration.

    • Check for unauthorized schema changes or new user accounts created in the database.

  • Mitigation Instructions:

    • Immediately change the password for the affected user account.

    • Consider creating a new user with appropriate permissions and deprecating the exposed account.

    • Implement connection string encryption or use a secrets management service instead of hardcoding credentials.

    • Update all applications and services using this connection string with the new secure method.

    • Implement IP restrictions on database access if possible.

    • Review and rotate other credentials that might have been exposed in the same context.