Question

8
Replies
4079
Views
Michael Tan (tanm1)
PEGA
Senior System Architect
Pegasystems Inc.
JP
tanm1 Member since 2016 39 posts
PEGA
Posted: June 9, 2017
Last activity: November 6, 2018
Posted: 9 Jun 2017 2:07 EDT
Last activity: 6 Nov 2018 20:02 EST
Closed
Solved

Pega Robotics Studio 8: password management for automations

When logging in to various systems or opening protected Excel files, the password is required and till now usually hard coded within the automation. Apart from having bad maintainability, we also noticed the password is written to the log files; for example, the following automation snippet:



produces the following log line:


Info | 12:56:57.516 午後 | 1 | STA | Automation | trilogy_login | Project1 | Automation: trilogy_login propagating From: trilogy_login.password.Value To client_text_input.client_text_input._EntryPointExecute().param2 Value: Pxxxxxxxxx



This is at "Info" log level, so the only way to stop the password appearing in clear text in the log would be to set the log to "Error" level which would make operational troubleshooting much more difficult. Ideally we would like just this one control to not log, but all other controls and/or automations to log at Info level - is there a way to do this?

When logging in to various systems or opening protected Excel files, the password is required and till now usually hard coded within the automation. Apart from having bad maintainability, we also noticed the password is written to the log files; for example, the following automation snippet:

produces the following log line:

Info | 12:56:57.516 午後 | 1 | STA | Automation | trilogy_login | Project1 | Automation: trilogy_login propagating From: trilogy_login.password.Value To client_text_input.client_text_input._EntryPointExecute().param2 Value: Pxxxxxxxxx

This is at "Info" log level, so the only way to stop the password appearing in clear text in the log would be to set the log to "Error" level which would make operational troubleshooting much more difficult. Ideally we would like just this one control to not log, but all other controls and/or automations to log at Info level - is there a way to do this?

More generally, what are Robotics' best practices for managing passwords? As mentioned, it's best for it to not be hard coded and we thought of managing the passwords in an Excel file, but that Excel file is also password protected and its location and password will appear in the log files

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Robotic Process Automation
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.