avoiding plain-text passwords in .do files?

Noah Natzke

Join Date: May 2022

Posts: 1
#1

avoiding plain-text passwords in .do files?

05 May 2022, 12:54

I'm connecting to a data warehouse using odbc load as shown below:
odbc load, exec("my_SQL_statement") user(my_username) password($pass) dsn("my_data_source");
As you can see, the password is supplied by a global macro, which I defined in profile.do. That's better than putting the plain-text password in each .do file, but still not good.

(How) can I avoid having a plain-text password in Stata? I'm looking for something like SAS's proc pwencode, which supplies an encoded password or R's keyring::key_get that retrieves passwords from a system keyring.

Thanks for any help you can provide!
Tags: None
Leonardo Guizzetti

Join Date: Jul 2016

Posts: 2389
#2

05 May 2022, 13:45

I think you've hit on the only available strategy that I'm aware of. That is, keeping the plain-text password stored as a local or global in a separate file. Here you have used profile.do, but any such do-file will achieve the result by using -include-. Presumably you are in control of this password-containing file, so you can store it apart from your project files (especially if you are working in a collaborative setting). However, for anything fancier, that seems like a job for StataCorp.

Last edited by Leonardo Guizzetti; 05 May 2022, 14:31.
1 like
Comment
Bjarte Aagnes

Join Date: Apr 2014

Posts: 783
#3

05 May 2022, 15:18

Java, or maybe Python, might be used for decryption and via API run the Stata odbc load command quietly.
Comment

Announcement

avoiding plain-text passwords in .do files?

Comment

Comment