Masking password on two different places

Ranorex Spy, Recorder, and Studio.
agroenen
Posts: 17
Joined: Thu Jun 09, 2016 3:18 pm

Masking password on two different places

Post by agroenen » Wed Oct 11, 2017 10:05 am

It is possible to mask a binded password in the outcoming report.
But the password is still visible when you rightclick the smart folder, choose for Data Source; all binded rows are visible, including passwords.
How to avoid that?

The same for Ranorex Automation Helper EmailModule; how to mask the necessary paramater value for the password, not only in the report but also in the binding-screen?

User avatar
odklizec
Ranorex Guru
Ranorex Guru
Posts: 3914
Joined: Mon Aug 13, 2012 9:54 am
Location: Zilina, Slovakia

Re: Masking password on two different places

Post by odklizec » Wed Oct 11, 2017 11:19 am

Hi,

I'm afraid, there is no such option available. You can make a feature request here:
https://uservoice.ranorex.com/forums/15 ... ve-ranorex

But honestly, what would be such feature good for? I mean, the TA developers should be able to see the values in data connectors, or am I missing something? ;) And even if Ranorex would somehow mask the data connector values, these values will still be visible in the data connector source files (excel/csv) or DB. So the only reliable way to hide passwords stored in solution/source files is to not share the solution with anyone outside the TA team and share only reports with masked values.
Pavel Kudrys
Ranorex explorer at Descartes Systems

Please add these details to your questions:
  • Ranorex Snapshot. Learn how to create one >here<
  • Ranorex xPath of problematic element(s)
  • Ranorex version
  • OS version
  • HW configuration

agroenen
Posts: 17
Joined: Thu Jun 09, 2016 3:18 pm

Re: Masking password on two different places

Post by agroenen » Wed Oct 11, 2017 11:46 am

I don't see why TA'ers should see each others passwords...?
Passwords are masked in the data connector source file (Access database).

The Automation Helper EmailModule is showing the password in the report too.
Since we are working with a Microsoft Exchange server, that's the same password to login to our complete working environment.
That's an unwanted situation.

User avatar
odklizec
Ranorex Guru
Ranorex Guru
Posts: 3914
Joined: Mon Aug 13, 2012 9:54 am
Location: Zilina, Slovakia

Re: Masking password on two different places

Post by odklizec » Wed Oct 11, 2017 11:54 am

Well, as mentioned, there is currently no solution for this, so your only hope is to add a feature request.

In my opinion, the main problem is that you are using "live" accounts/passwords, instead of test/service accounts (with limited rights, just for the purpose of TA). I would never use personal account for TA, especially not in shared environment! This is a big "NONO"! ;)
Pavel Kudrys
Ranorex explorer at Descartes Systems

Please add these details to your questions:
  • Ranorex Snapshot. Learn how to create one >here<
  • Ranorex xPath of problematic element(s)
  • Ranorex version
  • OS version
  • HW configuration

krstcs
Ranorex Guru
Posts: 2683
Joined: Tue Feb 07, 2012 4:14 pm
Location: Austin, Texas, USA

Re: Masking password on two different places

Post by krstcs » Wed Oct 11, 2017 1:50 pm

I agree with Pavel, you should not be using live passwords in tests. This is bad practice.

You should have setup test accounts to use while running tests and the accounts should be limited to the test environment.
Shortcuts usually aren't...

agroenen
Posts: 17
Joined: Thu Jun 09, 2016 3:18 pm

Re: Masking password on two different places

Post by agroenen » Mon Oct 16, 2017 10:26 am

I can agree with that, but HOW can we us a fake-email address on a SMTP-server, with which no-one can do any harm, since the password appears in the report?