How secure is the Run as password stored?

Archived support forum for customers who once purchased a PrimalForms product license. This forum is locked.
User avatar
mssapien
Posts: 23
Joined: Tue Jan 03, 2012 4:39 am

How secure is the Run as password stored?

Post by mssapien » Wed Mar 28, 2012 6:38 am

I am making a Form Project Package and using 'Run As' a user which will have more rights than the actual user that is going to use the program.How secure/insecure is the password for the 'Run As' user stored?

User avatar
davidc
Posts: 5889
Joined: Thu Aug 18, 2011 4:56 am

How secure is the Run as password stored?

Post by davidc » Wed Mar 28, 2012 8:01 am

The password are encrypted in the exe. Note: No encryption is unbreakable, but as it stands, your code and credentials inside a SAPIEN Script package are safer than if coded inside a .NET application or C++ application without special treatment.Please refer the the following blog article for more information: http://www.sapien.com/blog/2010/01/19/h ... ages/David
David
SAPIEN Technologies, Inc.

User avatar
mssapien
Posts: 23
Joined: Tue Jan 03, 2012 4:39 am

How secure is the Run as password stored?

Post by mssapien » Wed Mar 28, 2012 8:29 am

Okay. Where do I choose/how do I know which "hosting option" my build uses? I obviously want it to run in memory.Also I hope your higher encryption level will be implemented for all (not only for government customers).

User avatar
davidc
Posts: 5889
Joined: Thu Aug 18, 2011 4:56 am

How secure is the Run as password stored?

Post by davidc » Wed Mar 28, 2012 10:39 am



PrimalForms
only uses the PowerShell hosts. The passwords are always encrypted regardless
of host.

David

David
SAPIEN Technologies, Inc.

User avatar
mssapien
Posts: 23
Joined: Tue Jan 03, 2012 4:39 am

How secure is the Run as password stored?

Post by mssapien » Wed Mar 28, 2012 11:32 am

Ok. Is there any way to later change the password of the RunAs user in Active Directory, and have the program continue working? Or is it always necessary to rebuild the package and enter the new RunAs user password after changing its password in Active Directory.
mssapien2012-03-28 18:34:48

User avatar
mssapien
Posts: 23
Joined: Tue Jan 03, 2012 4:39 am

How secure is the Run as password stored?

Post by mssapien » Wed Mar 28, 2012 6:56 pm

The customer receiving such a program, needs their own license of PrimalForms (299$) + the source code if they shall be able to change the password of the RunAs user later by themselves and have the program still working, correct? (by re-building the project and entering the new password for the RunAs user)

User avatar
davidc
Posts: 5889
Joined: Thu Aug 18, 2011 4:56 am

How secure is the Run as password stored?

Post by davidc » Thu Mar 29, 2012 3:02 am



The
packager only stores the password you provided when created. So if you change
the password in AD, then you will need to rebuild the exe with the new password.



You can
to distribute the packaged exe royalty free. Meaning users of your executable
need not purchase a license. But if you want them to edit the packager settings,
then they will need to purchase a license of PrimalForms (per user).



David

David
SAPIEN Technologies, Inc.