Password protection for Shared Insights/Dashboards

[benjackwhite]

Is your feature request related to a problem?

Shared Dashboards/Insights often contain sensitive information. Users still want to embed or share these dashboards but with the ability to keep it secure to

1. Externals who have been given a password
2. Internals who are already logged into PostHog (e.g. viewing an embedded Insight on a wiki site)

Describe the solution you'd like

• Add password protection to Shard Dashboards / Insights so that loading the Insight prompts the user to input a password if required
• Bypass this password authentication for already logged in users (if possible)
• Make this configurable at the time of sharing the item.

Describe alternatives you've considered

Additional context

Related Slack thread

Thank you for your feature request – we love each and every one!

[annaszell]

More context:

When sharing dashboards externally, they are currently visible to anyone who has the URL. Whilst there is a random UUID there which makes it hard to brute force it is technically not impossible and this is a blocker for our privacy-minded customers.

An ideal solution would have some sort of authentication mechanism for the dashboard to prevent a brute force attack.

This would unlock extra stickiness for some of our larger customers as it would enable them to show PostHog data to their own customers.