• Replies 7 replies
  • Subscribers 10 subscribers
  • Views 6807 views
  • Users 0 members are here
Related Discussions
Home » Discussions » Best Practices

In Fitnesse, how to encrypt login passwords

sanalt0001

Hi, 

I am using fitNesseForAppian for my project.

When looking towards the security side, we should adhere to password storing in some encrypt format instead of normal text format.

Does anyone have any idea on handling password in a security prospective ?

  Discussion posts and replies are publicly visible

Parents
  • Hello Sanalt,

    some questions here:

    Do you want to encrypt the password that is in the properties? or the password on the script? can you clarify this to understand your requirement?

    I would like to add some comments on this.
    option 1) personally i like more this
    On the script : |login with role| role.user.something|
    On the configs/users.properties: role.user.something=username|password

    option 2) rather than
    on the script :|login with username|USERNAME| and password| PASSWORD|

    on the option 1) you have the password on the local machine which belongs on each user installation, (if you are sharing the the whole installation folder then you can ignore in your version control software (this is more secure than the other)

    on the option 2) what i don't like is that the password is on the script and if you have to share the scripts everybody will be able to see the password, which i don't think is desired.

    with this said please let us know more about your requirement, which options you are using is the option 1 not enough and you still need to encrypt that? if so please take a look at @mohamedt808 comments

    Hope this helps
    Jose
Reply
  • Hello Sanalt,

    some questions here:

    Do you want to encrypt the password that is in the properties? or the password on the script? can you clarify this to understand your requirement?

    I would like to add some comments on this.
    option 1) personally i like more this
    On the script : |login with role| role.user.something|
    On the configs/users.properties: role.user.something=username|password

    option 2) rather than
    on the script :|login with username|USERNAME| and password| PASSWORD|

    on the option 1) you have the password on the local machine which belongs on each user installation, (if you are sharing the the whole installation folder then you can ignore in your version control software (this is more secure than the other)

    on the option 2) what i don't like is that the password is on the script and if you have to share the scripts everybody will be able to see the password, which i don't think is desired.

    with this said please let us know more about your requirement, which options you are using is the option 1 not enough and you still need to encrypt that? if so please take a look at @mohamedt808 comments

    Hope this helps
    Jose
Children

© 2024 Appian. All rights reserved.