Starting with StresStimulus v5.7, passwords in authentication datasets can be obfuscated to provide additional test script security. The passwords can be encrypted when saving the authentication datasets.  The following section describes how to enable password encryption depending on the authentication method.

Encrypting passwords

By default, the passwords in authentication datasets are saved in plain text when saving the test. This may lead to security vulnerabilities if the test files are stolen or the test is given to 3-rd party testers for execution.

Passwords can be encrypted when saving the test by enabling password obfuscation.

Enable obfuscation

  1. Press the Enable password obfuscation button in the Managing Test Case(s) node.
  2. In the Enable Obfuscation of Application Passwords dialog, enter a passcode. This passcode will be necessary to disable password obfuscation.
  3. Confirm the passcode.
  4. Press the Enable password obfuscation button to enable password obfuscation.
  5. Save the test to start encrypting the passwords.

Disable password encryption

To disable password encryption, perform the following steps:

  1. Press the Disable password obfuscation button in the Managing Test Case(s) node.
  2. In the Disable Obfuscation of Application Passwords dialog, enter the previously entered passcode.
  3. Press the Disable password obfuscation button to enable password obfuscation.
  4. Save the test to stop encrypting the passwords.

  • No labels