The recorded application authentication password is stored in plain text in the test script. The following steps describe how to remove the recorded password from the script.

  1. Create an authentication dataset that has a Password column.
  2. Enter at least one record into the dataset. It is recommended to enter the recorded credentials as the first record.
  3. Search the test case tree to find the requests with the recorded password.
  4. Open the highlighted request in the Session Inspector.
  5. Find the recorded password in the request and change it to a value "@password@" (must be unique). Save the session.
  6. Parameterize the same highlighted request by creating a parameter replacing "@password@" with the password column from the authentication dataset.


By following the described above steps, you can ensure that no password will the stored in the script in the human-readable format.

  • No labels