Password policy

This feature is only available with an advanced data source.

Accessing passwords stored in your data source by querying the underlying database is not possible because of the encryption we apply on the passwords. For those of you that need to access passwords directly in the database, for example by a CRM system, we have created a way to achieve this.

Settings

The session information, which is an XML structure, is stored in the Data field of the Connections table in the underlying database.

However, getting the encrypted password from the database requires the Allow password for external system to be configured.

Password policy – Allow password for external system
Password policy – Allow password for external system

Enter an encryption key in the Key field. Once a key is provided it will cause the system to extract a copy of the password from our XML structure, this will then be re-encrypted using the Key you have provided and stored back into the UnsafePassword field of the Connections table.

Security Provider
Security Provider

Decryption Code

Use the following .net code to decrypt your passwords.

public static string Decrypt(string encryptedString, string key){  if (string.IsNullOrEmpty(encryptedString))  {    return encryptedString;  }  try  {    TripleDESCryptoServiceProvider tripleDesCryptoServiceProvider = new TripleDESCryptoServiceProvider();    MD5CryptoServiceProvider cryptoServiceProvider = new MD5CryptoServiceProvider();    string strTempKey = key;    byte[] byteHash = cryptoServiceProvider.ComputeHash(Encoding.ASCII.GetBytes(strTempKey));    tripleDesCryptoServiceProvider.Key = byteHash;    tripleDesCryptoServiceProvider.Mode = CipherMode.ECB;    byte[] byteBuff = Convert.FromBase64String(encryptedString);    string strDecrypted =      Encoding.UTF8.GetString(        tripleDesCryptoServiceProvider.CreateDecryptor().TransformFinalBlock(          byteBuff, 0, byteBuff.Length));    return strDecrypted;  }  catch (Exception)  {    return null;  }}

Settings

Data Source Settings - Password Policy
Data Source Settings - Password Policy

OPTIONDESCRIPTION
Disable password saving (shared)Users will not be able to save passwords within session.
Disable password saving (user specific settings)Users will not be able to save password in the User Specific Settings.
Disable password saving for data source accessUsers will not be able to save a new password to access the data source.
Allow reveal password for administrator and authorized users (Ctrl+Alt+Enter)Controls if reveal password is enabled for authorized users.
Allow reveal credentials (if enabled in the entry)Allow to show the credentials if the box “Allow show credentials (everybody)“ is check inside the session.
Allow password in macro (send keys)Renders $MACRO_PASSWORD$ variable useless for this data source.
Password historyIndicates the maximum saved password history count. See Password History for more information.
Devolutions Forum logo Give us Feedback