Username & Password stored in Clear Text
Chaucerplc
For each rule the username and password is stored in the config file.
This needs to be encrypted, can I use Microsoft's built-in EFS system, does anyone have any ideas?
This needs to be encrypted, can I use Microsoft's built-in EFS system, does anyone have any ideas?
This discussion has been closed.
Comments
1/ Web front-end should never be available to non-Administrator users
2/ Web front-end should only run when configuring; beyond that use the publication of the static HTML files (see help file section about publishing for read only users).
Clear text is an issue when opening the application via the web front to non-admin users (admin users can anyway access the machine running ServersCheck and do know the stored passwords)