Hello,
I was wondering, are there any other secure ways (by that I mean 1st - the solution to be only for storing credentials; 2nd - I don’t want to store passwords that are not secured, I want it to be ***, not “123”) to store credentials, except storing in:
assets in Orchestrator;
Windows Credentials;
Using Add Credentials activity in Studio;
Key Vault / CyberArk Store?
I saw something about Oracle Credential Store but could not find any consistent information about how it is used in UiPath. If anyone of you can provide info, that would be great!
Please, tell me, are there any other ways to store credentials?
For me, if you are running attended bots, then you should trust your user and go with Windows Credential manager, since it is the easiest and cheaper way, and still secure enough…
Yes, I agree and this is how the process is right now.
But the idea is not to annoy the user to write, let’s say every time 5 different usernames and passwords (because we have 5 different users for the system), but the robot to get (read) them and login by itself.
Having this what you said and the fact that I’m sceptic and I don’t like to give users “the power” of having password I would save them for example in file (can be even txt) but with encrypted form. So your logon automation could grab this txt and having decryption code could write it without user’s interaction and log him in.
Keeping everything, even encrypted password inside the project might cause potential leak. In my “solution” (I wouldn’t call it the best practice) you have passwords separated from the project so somebody who would like to cheat it somehow would need two pieces to achieve it
Yes, storing in a file was one of the ideas. Also, thought about storing in .properties file (please, do not ask me why, just accept it ) but I am not sure if I can read (and how to read) this kind of files in UiPath. I think the activity Read Text File might be useful or just to use Invoke Code with let’s say some C# code in it. What do you think?
We did try to get this working, but Thycotic has a very confusing licesning regime, and it required us to upgrade to a platinum subscription, which clearly was not within our budget. If an organization already has this subscription, it would be a safe integration.
Just trying to consolidate…
1.Credential asset in orchestrator
2.Windows Credential manager.
3.Encrypted passwords in Configs or any other file or storage buckets
4. Azure Key vault
5. File based credential store using Json (credential_store.json) using super admin settings
To Add on, Below are the possible ways to store credential-
Azure Key Vault, CyberArk CCP, HashiCorp Vault, Thycotic Secret Server, BeyondTrust, AWS Secrets Manager, and CyberArk.
Different methods of saving password will be displayed in UiPath Orchestrator with updated list. All these methods have different documentation also. It wont be an easy plug in as we need to coordinate with the right team in the organization to do the configuration from the third-party side as well
Direct easy method is UiPath Orchestrator, Windows Credentials etc. Other methods are as follows
I would save them for example in file (can be even txt) but with encrypted form. So your logon automation could grab this txt and having decryption code could write it without user’s interaction and log him in.
