Experience exchange: Storing credentials

Hey everybody,

currently we are discussing the whole credential Topic in my company.

Wenn ich es bisher richtig verstanden habe, gibt es zur Zeit zwei verschiedene Wege:

1. Take the Windows Credential Manager: Since we are working on virtual machines, each password must be entered and maintained in several places. For example, SAP passwords expire every 90 days, which means a high manual effort afterwards.

2. You use the Orchestrator assets: The advantage here is definitely that the passwords can be managed in one place, you only have to change them centrally. But what if multiple people and colleagues from different regions around the world have access to the Orchestrator? If you assume that you store your SAP password from the HR system in Orchestrator, every colleague would have access to this password and could use it in his process.

The last point in particular currently presents us with the challenge that we are not sure whether we should continue to use Orchestrator for passwords. It is not possible to monitor enough at this point to ensure that colleagues do not misuse SAP passwords, for example.

Maybe you can share your experiences and approaches with me.

Best regards

Marcel

Hello Marcel. When using Assets, there is an option (Value Per Robot) to enable a set of credentials only for a specific Robot. Once the value has been set, one can go in and view the user name that is associated, but not the password. In theory, if you use Value Per Robot, and enter in your user name and password, your colleagues will not be able to use those credentials for their Robots. I’m not sure if this helps but I hope it does.