Obfuscate the password in the TeamCity UI
When a TeamCity build step needs to use a password, there is a way to obfuscate it.
- In the TeamCity web interface navigate to the project,
- On the project page open the Parameters page,
- Click the Add new parameter button,
- Enter the name of the parameter, the password value, and click the Edit button to set the special settings,
- Set the Display to Hidden, and the Type to Password to hide the value from the user interface. Click the Save button on this window and the on the parent window to save the parameter.
- To use the parameter in a build step, surround it with % signs.
Display the obfuscated password in the TeamCity UI.
To display the value of the password in the TeamCity UI again
- Select the attribute in the list
- Click the Edit button
- Set the type to Text and click the Save button
- On the Edit Parameter window click the Save button
- The password will be displayed in the parameter list.
Note that this is not actually “secure”, as anyone with read access to the build project can unscramble that password. Depending on your security needs, this may be sufficient, but think of it as “obfuscated” rather than “secure”.
https://youtrack.jetbrains.com/issue/TW-45181
Thank you, Kay for your comment, I have updated the title and the post to better describe the security level.
Something I think it’s badly done in TeamCity when it comes to password masking
Say you have the password ‘home-town’ and then you are connecting to a site say home-town.exmple.net, in the output you would see ‘*********.example.net’, which makes it easier to figure out passwords.
To get a password in plain text, just run an inline script in it’s own build step, split the password in two and echo them out on their own lines.
hello.
after the 4th step you will reset the original pass, after saving the form.
absolutely correct, and this solutions doesn’t help