Forum Discussion

Contributor

6 years ago

NTLM Authentication - Password is visible (Security Issue)

Hi,

I see password is visible if I use NTLM authentication. It seems like security issue Please advise.

Thanks

NBorovykh
6 years ago
Hello Rama16,

I agree that the password value should be hidden in the request's properties in Navigator as it's hidden in the other panels. I have registered an issue in the internal DB for this.

As for the fact that the password is stored in the project file as-is, it's the expected default behavior. To protect your sensitive data can either encrypt the whole project or selected properties as it's described in this article: https://support.smartbear.com/readyapi/docs/testing/best-practices/secure.html

richie
Community Hero
6 years ago
Hey Rama16

What version of SoapUI/ReadyAPI! are you using? I'm running ReadyAPI! v2.6.0 and the password is obfuscated and has been for a while - I remember it wasn't in SoapUI v3.5 - but that was years ago!

Cheers,

richie
- Rama16
  Contributor
  6 years ago
  Thanks for your reply.
  
  I am using ReadyAPI 2.6.0 with Pro licence.
  
  Please see the screenshot.
  
  Thanks
  - TanyaYatskovska
    SmartBear Alumni (Retired)
    6 years ago
    Just to clarify, Rama16, do you see the value of the password field?

Related Content

SoapUI project keystore password security?
6 years ago
KrisVH
Encrypt passwords and master password?
7 months ago
emoya
password reset
3 years ago
UConnAnnMarie
Password reset
3 years ago
vertikav
Windows Security prompt in Chrome will not accept password with ! in it
4 years ago
rpsbpyz

Recent Discussions

more screen real estate by moving the Testcase progress bar
2 days ago
Awesome
JSON Schema Compliance URL
5 days ago
jrziggy
Facing Issues with Converged Networking and ReadyAPI 3.45 by SmartBear – Need Some Advice!
5 days ago
jonathanjone
ReadyAPI external certification
5 days ago
Harisuresh
Ready Api Tests hitting 'NoClassDefFoundError' while running in docker
6 days ago
Tarun_Kumbnani