02-14-2012 02:52 AM
I'm using "Password Encoder" to encode password, & giving the encoded password in lr_decrypt in my script.
This has a disadvantage that if any others, having access to the script, uses an lr_output_message(<lr_decrypt(encoded password)>), can decode & get the original password.
Is there any other way, that others can't retrieve the password?
02-18-2012 10:31 PM
As a best practice you shouldn't use sensitive accounts for performance testing or monitoring, as you wouldn't want your scripts being used to commit transactions in production using an account with elevated privliges. That's not to say there isn't ways around the basic encryption/decryption of clear text passwords in the script, such as certificate based authentication which is also supported.