How to Mask a SQL Report Parameter Values
Posted on 2011-05-13
A SQL report is filtered by parameters values that are sensitive, such as bank account number and social security number. After the sensitive values are entered and [View Report] is clicked, the report renders the correct data, and continues to display the parameter values that were entered prior. I don't want someone who may be standing a few feet away to be able to note the sensitive values that appear in the parameter boxes. How can I mask these parameter values?
The idea would be similar to logging into a system and having to enter a username and password. The password would typically be masked by a series of characters, such as * instead of displaying the password in clear text. Is there a way that I can apply a similar mask to a report parameter?
If I review the XML behind the SQL report, I see tags like the following:
<Prompt>Social Security #:</Prompt>
Are there other attributes, besides the Name attribute (Name="prmSSN") that I can utilize to mask the user input, such as:
<ReportParameter Name="prmSSN" Mask="*">
Thanks a bunch