Password options within script

Hi,

I am new to Synthetics and am looking to use it to perform and monitor customer journeys through a variety of web apps.

I need to be able to login/logout but do not want to store any login passwords in clear text within the script itself.

Can anyone tell me what options I have please?

Thanks

Hi, @adwwhitehead: You have a number of options for obfuscating credentials within Synthetics scripts, but at some point the script must have the unobfuscated credentials in order to log in; a determined intruder can use the same method the script uses to obtain the credentials.

  1. You may encrypt the credentials, then have your script decrypt them at runtime:
    How to encrypt password in my script

  2. You may store the login code in an external repository, and have your Synthetics script pull it in and execute it: Share script trough multiple Monitors

  3. You may store the login credentials in a cloud-accessible data store, such as New Relic Insights, and have your script retrieve them at runtime.

The best solution is probably to enable Synthetics permissions to limit the number of people who are able to view your scripts.

2 Likes