At Mingo, we understand the importance of keeping your data safe and secure, which is why we've implemented two layers of security to ensure that your data is protected at all times.
Two layers of security
Everything that happens in Mingo, stays in Mingo. None of your data, connection information nor passwords are sent or stored outside Mingo. All your connections are stored locally in your computer and never sent or stored outside Mingo. All data is sent / received directly between your computer and the connected MongoDB server.
All information about your connections and also all meta data that Mingo uses to improve its speed and functionality is stored in a file on your computer.
To make sure your passwords are safe even against someone getting hold of your computer, Mingo also uses your local computer's keychain to store all passwords from your connections URIs, SSL / TSL passwords and SSH passwords.
On macOS the passwords are managed by the Keychain, on Linux they are managed by the Secret Service API/libsecret, and on Windows they are managed by Credential Vault.
How storing passwords works?
Storing passwords is completely automatic. First, Mingo checks your computer's support of a keychain app to store passwords safely. Then, whenever you enter a regular URI or any password for a connection, Mingo replaces it with a PLACEHOLDER phrase and stores it in the keychain. Thus, the passwords are not stored directly into your filesystem.
When Mingo needs to connect to a MongoDB server, it asks the keychain for the password, replaces the placeholder and uses these connection details to connect.
SSH, TSL / SSL connections
These technologies can improve your data-transport security and Mingo fully supports such connections.
Requests to mingo.io
Mingo also connects to our own servers to check your license key status and sends basic analytics information about which features you used. Analytics is turned off for enterprise customers.
We make great efforts to make sure Mingo is secure. The best way to do this is to completely avoid storing any data about your connections to our servers. And this is exactly what we did with Mingo.