eValid™ -- Automated Web Quality Solution Browser-Based, Client-Side, Functional Testing & Validation, Load & Performance Tuning, Page Timing, Website Analysis, and Rich Internet Application Monitoring.

Introduction
eValid is often used to record and play back complex login sequences. Doing this requires eValid to record and save the account name and associated password for the account. This page describes eValid's facility for encoding and decoding passwords so that this information can be kept secure.

Encode Input Text Option Selection
The Encode Input Text option is available from the Script Window using the Edit pulldown, as shown in this picture:

This option is normally off. To activate the Encode Input Text option click on the option To confirm that this option is active, review the Edit pulldown, to confirm that the option has been selected and is in effect:

Encode Input Text Option Operation
When selected eValid encodes all input text fields using an internal algorithm that disguises the plain text input in a hexadecimal string. The encryption algorithm is robust enough that it is unlikely an attacker could decode the actual string value without advanced code cracking methods.

The information recorded in an eValid script hat appears using this encryption is detected automatically at script playback time. Here is an example of a login in plaintext and a login with the Encode Input Text option selected:

Additional Notes
(1) The string value included in the script window can be used in parameter substitutions without difficulty so long as the COMPLETE string is used as the value.

(2) You may wish to turn the encoding on only for the password part of a test session. If you leave it on ALL input text will be recorded encoded.