Page 1 of 1

How secure is the Run as password stored?

Posted: Wed Mar 28, 2012 6:38 am
by mssapien
I am making a Form Project Package and using 'Run As' a user which will have more rights than the actual user that is going to use the program.How secure/insecure is the password for the 'Run As' user stored?

How secure is the Run as password stored?

Posted: Wed Mar 28, 2012 8:01 am
by davidc
The password are encrypted in the exe. Note: No encryption is unbreakable, but as it stands, your code and credentials inside a SAPIEN Script package are safer than if coded inside a .NET application or C++ application without special treatment.Please refer the the following blog article for more information: http://www.sapien.com/blog/2010/01/19/h ... ages/David

How secure is the Run as password stored?

Posted: Wed Mar 28, 2012 8:29 am
by mssapien
Okay. Where do I choose/how do I know which "hosting option" my build uses? I obviously want it to run in memory.Also I hope your higher encryption level will be implemented for all (not only for government customers).

How secure is the Run as password stored?

Posted: Wed Mar 28, 2012 10:39 am
by davidc


PrimalForms
only uses the PowerShell hosts. The passwords are always encrypted regardless
of host.

David


How secure is the Run as password stored?

Posted: Wed Mar 28, 2012 11:32 am
by mssapien
Ok. Is there any way to later change the password of the RunAs user in Active Directory, and have the program continue working? Or is it always necessary to rebuild the package and enter the new RunAs user password after changing its password in Active Directory.
mssapien2012-03-28 18:34:48

How secure is the Run as password stored?

Posted: Wed Mar 28, 2012 6:56 pm
by mssapien
The customer receiving such a program, needs their own license of PrimalForms (299$) + the source code if they shall be able to change the password of the RunAs user later by themselves and have the program still working, correct? (by re-building the project and entering the new password for the RunAs user)

How secure is the Run as password stored?

Posted: Thu Mar 29, 2012 3:02 am
by davidc


The
packager only stores the password you provided when created. So if you change
the password in AD, then you will need to rebuild the exe with the new password.



You can
to distribute the packaged exe royalty free. Meaning users of your executable
need not purchase a license. But if you want them to edit the packager settings,
then they will need to purchase a license of PrimalForms (per user).



David