Microsoft Dynamics CRM Developer Toolkit Stores Passwords in Plain Text

If you’re using Dynamics CRM Developer Toolkit it’s worth noting that when you specify a username and password in the Server Connection settings (CRM Explorer Options in Visual Studio) the password is stored in the registry in plain text.

Server Connection settings dialog

The password is stored in the following registry path:

HKEY_CURRENT_USER\Software\Microsoft\VisualStudio\9.0\DialogPage\
UKDynamics.CrmExplorer.OptionsPageCustom

Password in plain text

This may not be a big issue for many developers, even when an administrator user is used, since most developers usually know the administrator password or are administrators themselves at least on dev\test environments, but still this is something you should be aware of.

If you’re concerned about this and cannot connect to your CRM server using default credentials, you can simply leave the password field blank and switch to default credentials every time you’re done working with the toolkit. This will clear the password registry key until the next time you wish to connect.

One thought on “Microsoft Dynamics CRM Developer Toolkit Stores Passwords in Plain Text

  1. Pingback: User21 – Yuval Atzmon » Microsoft Dynamics CRM Developer Toolkit … « crm like soft

Comments are closed.