Devolutions ForumDevolutions Forum

Risk of allow password in $PASSWORD$ variable

Risk of allow password in $PASSWORD$ variable

avatar
freddy1

We have scripts which need input with username and password. Now is the only way to run the script correct is to use the variable $USERNAME$ and $PASSWORD$

Out of the box the setting "allow password in variable" is disabled of the DVLS privileged account.

What is the risk when we allow password to be saved in a variable?

All Comments (1)

avatar
Carl Marien

Hello,

Using a password as a variable poses a security risk because a user could potentially run the script in a simple text file and extract the password.

Best regards,

Carl Marien