Redis is a high-performance data management system that, by default, does not include complex security features. This is due to its design focus on usage in trusted, private networks.

If Redis is connected to a public network or used in a multi-user environment, insufficient attention to security can lead to data leaks, modifications, or deletions by malicious actors.

To enhance security, you can configure password authentication, which is required to access the database.

Setting a Password for Redis

Authentication in Redis is disabled by default. To check if authentication is enabled, you can run the following command:

python
config get requirepass

As you can see, an empty field is returned, indicating that no password is set.

To set a password, use the following command:

python
config set requirepass [your password]

Once the password is set, try logging into redis-cli again and attempt to make changes to the database.

You will not be able to modify the database state until you authenticate with Redis. To authenticate, use the following command:

python
AUTH [your password]

After authentication, you can make changes to Redis.

Resetting the Password

If you want to reset the password to allow unrestricted access to the database, you can set it to an empty string:

python
config set requirepass ""

Now you can make any changes to the database without authentication.