0

I have a written a script (in R) 

cmd = paste0("schtasks /create /sc WEEKLY /d MON /tn ",task," /tr ",comm," /st 12:51")
system(command = cmd)

Where task is the name of the task and comm is the location of R and the script. This works and the script is executed. However I have some scripts where I would like to pass my credentials.

Essentially this is just adding /RU *** /RP *** to cmd, however I don't think storing my username and password is a good idea in a shared file.

Is there a way to encrypt the credentials or maybe another alternative?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Rafael
  • 101
  • 1

1 Answers1

1

Rather than doing it in R, you can do it in Powershell and save the credentials as a secure string. That solves the problem of it being human-readable, but the credentials used to create it are still available (which is not a good security practice). More info on that is available here. Otherwise you can do this in Powershell and use get-credential, which prompts you to enter the appropriate credentials. (That's a lot more secure way to handle that, although it comes with the "bother" of entering your ID and password)

baldPrussian
  • 2,768
  • 2
  • 9
  • 14
  • The credentials would still be in the script and Secure-String is only used to prevent attacks against strings in memory. A schedule task is not going to work with get-credential due to the prompt – McMatty Jan 31 '18 at 20:46
  • This might be a simple (read: not ideal) suggestion, but you could use an algorithm to encrypt these fields and store these encrypted fields in, say, a locked file, in a way that is also not human readable. Then, implement a way to decrypt this input into the script and read the input from the stored location into a variable you can then use and discard from memory after. This might allow you to automate the process but likewise, this isn't 100% secure. – psosuna Feb 01 '18 at 00:50