Encrypt Username/Password

[NewsArchive]

I have sites running the webupdate function of SetupBuilder, but I now
notice you can encrypt the username and password. If I check this option do
I need to alter the username and password registry entries for those that
are NOT encrypted, or is setupbuilder intelligent enough to know if the
username and password is NOT encrypyed in certain circumstances???

Colin Wynn

[NewsArchive]

Colin,

Web update cannot detect if a username/password registry entry is encrypted.

Friedrich

--
Friedrich Linder
CEO, Lindersoft
www.lindersoft.com
+1.954.252.3910

"point. click. ship" - that's SetupBuilder 5

[NewsArchive]

So if I turn that option on and the username and password in the registry is
not encrypted SB will not allow the connection to the webupdate folder,
correct?

But.... Could I not check the username and password in the registry, and if
they are the 'decrypted' value then encrypt them and place them back in the
registry before SB does it's webupdate magic???

[NewsArchive]

Hi Colin,

You can only turn that option on when you "initialize" the web update
feature. This process writes the encrypted information and a flag to
the registry. All future web update installations only "read" the
(encrypted) registry values.

The web install loads this information "at startup", that means before
any of your scripting takes place).

What you can do is to check for the encryption flag (HOST_SERVICE value
is set to 1) in your next web update. At the end of the web update
process and if it is not set, set that flag and write the new encrypted
information (username and password) to the registry.

BTW, the relevant registry information is located at:
HKLM\Lindersoft\WebUpdate\Apps\<yourproductguid>

The next web update should then use the encrypted information.

Does this help?

Friedrich

--
Friedrich Linder
CEO, Lindersoft
www.lindersoft.com
+1.954.252.3910

"point. click. ship" - that's SetupBuilder 5

[NewsArchive]

Cool, will give that a whirl Friedrich, many thanks