Microsoft Dynamics CRM Developer Toolkit Stores Passwords in Plain Text

Yuval Atzmon | November 3, 2009 | 1:49 AM

If you’re using Dynamics CRM Developer Toolkit it’s worth noting that when you specify a username and password in the Server Connection settings (CRM Explorer Options in Visual Studio) the password is stored in the registry in plain text.

Server Connection settings dialog

The password is stored in the following registry path:

HKEY_CURRENT_USER\Software\Microsoft\VisualStudio\9.0\DialogPage\
UKDynamics.CrmExplorer.OptionsPageCustom

Password in plain text

This may not be a big issue for many developers, even when an administrator user is used, since most developers usually know the administrator password or are administrators themselves at least on dev\test environments, but still this is something you should be aware of.

If you’re concerned about this and cannot connect to your CRM server using default credentials, you can simply leave the password field blank and switch to default credentials every time you’re done working with the toolkit. This will clear the password registry key until the next time you wish to connect.

Categories
dev, mscrm
Comments rss
Comments rss
Trackback
Trackback

« Google Israel – Now Availbale in Arabic The operation completed successfully, please tell Microsoft about this problem »

One response

[...] the original here:  User21 – Yuval Atzmon » Microsoft

User21 – Yuval Atzmon » Microsoft Dynamics CRM Developer Toolkit … « crm like soft | November 3, 2009 | 1:44 PM

[...] the original here:  User21 – Yuval Atzmon » Microsoft Dynamics CRM Developer Toolkit … 02 Nov 09 | [...]

Leave a comment

You can use these tags : <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>