10.10.7 Password Security within Scripts

Passwords can be included in scripts for establishing FTP (but not SFTP) connections. When you write a script in a text editor, if the script includes a complete OPEN command ( open <servername> <username> <password>), or includes a PASSTHRU command, passwords you add manually will be visible in the editor as plain text. For greater password security use one of these methods:

  • Use the Script Recorder to record the connection to the server. Passwords are stored as obfuscated text in the script file. When the script runs and a connection is opened, the client deciphers the password and sends it to the server.

  • Edit the script to remove the <password> parameter, which is the last parameter in the OPEN command. The OPEN command should have the format: open <servername> <username>. When the script runs and a connection is opened, the client prompts the user for a password. You may also want to omit the <username> parameter, which causes the client to prompt for both the user name and the password.