Agilitest allows the recording of variables which are then encrypted in ATS files.
This allows them not to appear in plain text in the files, nor in the test editing interface.
They are managed in the "Edit project properties" menu
Click on "Add" and enter a variable duplicate, value.
Thereafter, the value can be retrieved in ATS as a normal variable using the keyword $pass(variable).
What differs from the normal management of variables:
- Passwords are not printed in the editor user interface anywhere other than in their edit menu.
- They are not visible in ATS files, not even their declarations.
- They do not appear in ATSV files.
- They do not appear in the logs and logs generated by Agilitest and ATS.
- Each variable declared using $pass() variables is handled in the same way.
When to use encrypted passwords
We recommend that you use encrypted passwords when you cannot do otherwise.
For example, we do not recommend that you perform your tests with real user accounts that are in your teams by encrypting passwords. The solution that we recommend to you is to create users dedicated to tests and having their own privileges, if possible limited.
If you cannot do otherwise, for example if you must test the administrator account, we advise you to do so on environments similar to production that are secured differently (for example physically on your premises).
Finally, if you are testing on systems that are in the cloud, you will not be able to do otherwise, and in this case, we advise you to complete this mechanism, for example by going through secure transfer protocols like https or using one-time passwords issued by a secure server.
