Orchestrator password parameter and assets

Hello everyone, hello UiPath team.

I was wondering, what is the best approach to deal with application passwords stored in Orchestrator. Basically we are dealing with two kinds of problem.
First is that if you store password as asset in Orchestrator and retrieve it as a secure link, it is really easy to “decode” this password and show it as a plain text. So the password can be exploited by malicious developer.
Secondly to avoid this, you can send password as a workflow input parametr via Orchestrator, but in that case you can again see the password as a plain text in the job logs as a parameter value.

Any ideas about best practices and handling this would be much appreciated.

Thank you.

1 Like

Hi @esterba,

In addition you can use your own encryption and decryption method instead password.

Hello @esterba

Just like @kuppu_samy mentioned here, we can easily use the encryption and decryption mechanisms available in .Net to do this. So, before sending the password out, you can get the studio to encrypt the password. The encrypted value will be the one that is getting saved in the credential asset in Orchestrator. Once to retrieve the value from the Orchestrator, still it will be the encrypted value. Hence, any malicious developer will not be able to see the exact value behind it. Once it reached the workflow you are building, there you can decrypt the final string so that you can get the actual password…

This is one method that we use to secure the credentials when passing them through internet.