Don't Let Sensitive Data Hide in Your URLs
Salesforce, Monday, July 14th, 2025
Protect your org and users by keeping sensitive info out of sight.
When it comes to protecting sensitive data, most people think about encryption, access controls, and login security. But one of the simplest ways sensitive information can be unintentionally exposed, or leaked, is also one of the most overlooked: putting sensitive data in a URL.
In Salesforce, that could mean exposing user details, session info, or other private data any time someone clicks a link, loads a resource, or shares a page. The risk is easy to miss-but also easy to fix, once you understand how it works.