Password Encoding with SAS

Quick note from Paul: I’m really excited that’s very first guest post is from the well known blogger and author Tricia Aanderud. I suspect you already know Tricia, but just in case you don’t …

Tricia Aanderud, president of And Data, Inc., provides SAS® consulting services to corporations who need assistance understanding how to transform their data into meaningful charts, reports, and dashboards. Tricia has been an enthusiastic SAS user since 2002 and has presented papers at the SAS Global Forum and other industry conferences. She is the co-author of two SAS BI books, “Building Business Intelligence with SAS: Content Development Examples” and “The 50 Keys to Learning SAS Stored Processes”.

Now over to Tricia …

I frequently find myself querying the metadata to assist with understanding a new customer system or trying to navigate one of my demo systems. As a result, I find I have many utilities that I want to share with customers. However, since these connect to the metadata with an active password, I don’t want to share my password. Using the SAS PWENCODE procedure, I can encode my password in a SAS program and voilà! a way to share the code and shield the password.

Encoding the Password

The PWENCODE procedure allows you to encode passwords that are used in place of plaintext passwords in SAS programs.

The following figure shows the PWENCODE procedure in a simple way. My example password, Pa55w0rd!, is placed in quotes. You can use different encoding methods, which you can read more about in the SAS PWENCODE procedure documentation.

The encoded password appears in the Continue reading “Password Encoding with SAS”

SAS Management Console 9.3 Password Indication

You’ve probably encountered this issue too. As an administrator you just want to know whether someone has stored a password in metadata or not. You don’t want to know the actual password, just whether there’s one there or not, because if there’s no password it can’t be wrong, whereas if there is a password it might be wrong / outdated.

In SAS® Management Console 9.2 the User Manager plug-in always displayed ******** in the password column on the accounts tab for a user (or group) whether there was a password there or not. A small, but very nice, enhancement in SAS Management Console 9.3 means that it now displays a blank when there’s no stored password and ******** only when there is a stored password. This is a nice indicator to show whether or not a password is present.

Here’s a screenshot for Bob’s SAS metadata identity. We can see he has no password stored for his inbound DefaultAuth domain\bob login, but he does have a password stored for his outbound OracleDBAuth oraclebob login.