Forum Discussion

Rama16's avatar
Rama16
Contributor
5 years ago
Solved

NTLM Authentication - Password is visible (Security Issue)

Hi,

 

I see password is visible if I use NTLM authentication. It seems like security issue Please advise.

 

Thanks

  • Hello Rama16,

     

    I agree that the password value should be hidden in the request's properties in Navigator as it's hidden in the other panels. I have registered an issue in the internal DB for this.

     

    As for the fact that the password is stored in the project file as-is, it's the expected default behavior. To protect your sensitive data can either encrypt the whole project or selected properties as it's described in this article: https://support.smartbear.com/readyapi/docs/testing/best-practices/secure.html

     

     

15 Replies

  • richie's avatar
    richie
    Community Hero

    Hey Rama16 

     

    What version of SoapUI/ReadyAPI! are you using?  I'm running ReadyAPI! v2.6.0 and the password is obfuscated and has been for a while - I remember it wasn't in SoapUI v3.5 - but that was years ago!

     

    Cheers,

     

    richie

    • Rama16's avatar
      Rama16
      Contributor

      Thanks for your reply.

       

      I am using ReadyAPI 2.6.0 with Pro licence.

       

      Please see the screenshot.

       

      Thanks