Start a new topic

Prevent password storage in a document

It would be cool if we could mark a document with a setting that disallows storing passwords in this document.

The use case is that we want to use a common configuration document, and everyone has their own seperate credential documents. But it is easy to, by accident, store credentials in the configuration document.

Already, Royal TS will warn a user not to store passwords in an unencrypted document, and this helps. It will also suggest a user encrypt a document before allowing it to be saved if it contains credentials. This is not great, because the software can then lead the user into the wrong path, which is to encrypt the common configuration document so nobody can access it any more...

Ideally it would be nice if an unencrypted document could be set with flags, disallowing storage of passwords in the document, and also maybe disallowing the document from being encrypted. Of course these are all just "accident guards" and not security controls, so I would expect it's easy for an end user to go in and simply change these settings, but then of course it's more obvious he's doing something wrong.

(In the interim we plan on implementing a script in which the configuration document is routinely scanned for credentials that it contains... but having this natively supported in Royal TS would be better.)
Login or Signup to post a comment