Inedo Community Forums Forums
    • Recent
    • Tags
    • Popular
    • Login

    Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

    If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

    Passwords are visible when using UseDpApiForPasswords=true

    Scheduled Pinned Locked Moved Support
    securitybuildmaster
    6 Posts 1 Posters 2 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ? This user is from outside of this forum
      Guest
      last edited by

      We are using Buildmaster 4.1.2 and passwords for access to remote servers are visible in plain text even though UseDpApiForPasswords=true in the settings. How can we ensure the passwords are hidden ?

      Product: BuildMaster
      Version: 4.1.2

      1 Reply Last reply Reply Quote 0
      • ? This user is from outside of this forum
        Guest
        last edited by

        Which passwords are not being hidden?

        1 Reply Last reply Reply Quote 0
        • ? This user is from outside of this forum
          Guest
          last edited by

          The password for SSH access to remote servers and displayed in plain text when you untick the "Mask Password" checkbox even though we have UseDpApiForPasswords=true in the buildmaster settings.

          I heard yesterday that this had been broken in earlier builds but was fixed in 4.1.2.

          1 Reply Last reply Reply Quote 0
          • ? This user is from outside of this forum
            Guest
            last edited by

            Can you verify that the password properties are encrypted in the database? The editor would have to decrypt them in order to edit them again.

            1 Reply Last reply Reply Quote 0
            • ? This user is from outside of this forum
              Guest
              last edited by

              The password properties in the database are encrypted. When we first used this feature, once the password was encrypted you could no longer view it in plain text. This is what we need for security reasons.

              1 Reply Last reply Reply Quote 0
              • ? This user is from outside of this forum
                Guest
                last edited by

                We have released BuildMaster 4.1.3, which addresses this issue:

                • BM-1380 - Hide passwords from clients when UseDpApiForPasswords is enabled

                So as long as that option is enabled, stored passwords will never be accessible from the UI.

                1 Reply Last reply Reply Quote 0

                Hello! It looks like you're interested in this conversation, but you don't have an account yet.

                Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

                With your input, this post could be even better 💗

                Register Login
                • 1 / 1
                • First post
                  Last post
                Inedo Website Home • Support Home • Code of Conduct • Forums Guide • Documentation