'Send SMTP Mail Message' Password - SecureString

activities
i_considering

#1

Hi

The UiPath activity ’Send SMTP Mail Message’ needs a password in the properties pane for it to work. This password just needs to be a String but this is not a good solution as the password then will be exposed. I would like to request that it is changed so that it should be a SecureString.

Thanks!


Password field in MailMessages activities are not secure string
#2

We have in mind this idea: all the activities that requires a password (email, terminals, office, etc) should accept a secureString as parameter.

However, it takes time so we do not look at it as having high priority.

Till then the solution is to convert the secureString to a String:


#3

Hi

Thank you for your answer. Our security department is not happy about it so I would personally think it should be high priority :slight_smile: But thank you for the workaround!


#4

@badita Do we know when do we have this planned? I have been asked this question a lot lately


#5

We’re thinking about it.

Now, how would you see a possible implementation taking into account that:

  • You can anyway get the password out of a secure string
  • you may need to type password in different apps…therefore you can type it in notepad

Isn’t this enough?


#6

I agree. But if we put it as a secure string, we can at least have the SMTP password stored in Assets under credentials and not visible as plain text. I am aware of the case where they could type into a notepad exposing the password. But in that case, the code reviewers have to ensure that the password is typed in the correct region. It makes a lot of clients uncomfortable seeing the passwords being visible as plain text. In my opinion it would be better to have something(secure string for the moment) rather than nothing


#7

Hai,
Till now this problem is unsolved or solved ?


#8

Hello, I would also like to see a solution to this problem.


#9

is there any solution?


#10

I would say that this should be high priority. It’s hard to explain to clients how UiPath takes security seriously when the passwords are stored in plain text.