Please note that VisualCron support is not actively monitoring this community forum. Please use our contact page for contacting the VisualCron support directly.


null
  •  null
  • No customer Topic Starter
2011-04-11T23:26:41Z
Hi,

Our senior infrastructure engineer asked me an interesting question.

How and where does Visual Cron store the credentials?

I think he has a concern about security of the passwords.

I appreciate any information you can provide on this topic.

Thanks!
Sponsor
Forum information
ErikC
2011-04-12T09:28:45Z
Hi null,

Welcome to the forum!

The credentials are stored in an xml file in the settings folder.
The network credentials are stored in the file networkcredentials.xml.
User credentials are stored in the file users.xml.

The usernames / passwords / email addresses are encrypted:

<Email>3pltgSOYdg%$@gs/X1dHQhGUgnsfdkjhHGFHG3FSxZZPKYg=</Email>
<Name>nKjJ1ZGFA41hVTn9o2h1P/8e7Dserfjhg5HGG</Name>
<UserName>fjshge$&VMDJ/tVFE6nYMcuTcG0/jjh5rRsi</UserName>
<PassWord>+qxcjjhFDsE0xL3y4I2hjhsdYTT==</PassWord>

(The above is a sample and doesn't contain real information)

Regards,
Erik
Uses Visualcron since 2006.
null
  •  null
  • No customer Topic Starter
2011-04-12T16:22:27Z
ErikC wrote:

Hi null,

Welcome to the forum!

The credentials are stored in an xml file in the settings folder.
The network credentials are stored in the file networkcredentials.xml.
User credentials are stored in the file users.xml.

The usernames / passwords / email addresses are encrypted:

<Email>3pltgSOYdg%$@gs/X1dHQhGUgnsfdkjhHGFHG3FSxZZPKYg=</Email>
<Name>nKjJ1ZGFA41hVTn9o2h1P/8e7Dserfjhg5HGG</Name>
<UserName>fjshge$&VMDJ/tVFE6nYMcuTcG0/jjh5rRsi</UserName>
<PassWord>+qxcjjhFDsE0xL3y4I2hjhsdYTT==</PassWord>

(The above is a sample and doesn't contain real information)

Regards,
Erik



Thanks Erik. One more question, what type of encryption is being used for passwords? It can't be one way hashing because Visual Cron must use passwords for network connections, etc.

My coworker is arguing with me that if this file is stolen, it will be easy to figure out what the real password is.

null
Support
2011-04-13T13:03:20Z
We are using 3DES encryption. I think it would be _very_ hard to decrypt that.
Henrik
Support
http://www.visualcron.com 
Please like  VisualCron on facebook!
MikeBoBo
2011-04-21T21:52:00Z
null wrote:


Thanks Erik. One more question, what type of encryption is being used for passwords? It can't be one way hashing because Visual Cron must use passwords for network connections, etc.

My coworker is arguing with me that if this file is stolen, it will be easy to figure out what the real password is.

null



Dear co-worker

Here is the file, let me know when it's decrypted.

Thx
Scroll to Top