Looking for people to test security of this method
I've recently had the need to enter a password into a program to access some data
But I don't want to have to enter the password everytime I run the script so I've come up with this "secure" method of just needing to ask for the password once.
_password is set to be transient so it shouldn't be saved when script saved
If _password already set then it won't ask for it
answer is cleared down so that it's not left in there either
Here is a script pic as well as program (in case _password is exposed in a script pic)
I don't think the variable is stored in the metadata of the image. I imported the script but found no trace of the password visually. To look deeper, you might want to dig around in the metadata of the image.
that doesn't store my MQTT broker write access password (my broker allows anyone to read topics (such as cheerlights/#) but needs a password to publish to them
i think this should be fine as long is the variable isn't stored in the project state? one way i feel like you could test the security of this is to enter your password then download and search for the password in the project metadata
for instance, enter "GenericProjectPassword" then download it and use a text editor to attempt to find that string in the project