topic Re: how to secure a password in sas in SAS Enterprise Guide

how to secure a password in sas

alepage — Thu, 21 Sep 2023 20:30:18 GMT

Hello,

A simple way to connect to an Oracle table is to use the follow SAS code:

LIBNAME myora ORACLE PATH=orasrv USER=myuse PW=mypassword:

But what is the best way to protect the username and password so nobody can see their values.

Please provide an example.

Re: how to secure a password in sas

SASKiwi — Thu, 21 Sep 2023 23:10:38 GMT

How secure do you want your password to be? PROC PWENCODE is one option:

proc pwencode in = 'mypassword';
run;

Just replace the PW text in your LIBNAME with {SAS002}68B279564BD2695538CDCDB301E8A357563480B0

This wont prevent someone just copying and pasting your LIBNAME into their own code though.

Re: how to secure a password in sas

SASKiwi — Fri, 22 Sep 2023 03:34:26 GMT

Another more secure option is to create a new Authentication Domain in SAS metadata, within a new metadata User Group, then add an Oracle account and password to use for the whole group. You then add all SAS users allowed to access Oracle to this new user group. You need to have administrator access to SAS Management Console to be able to set this up and you also need a shared account for Oracle access - one that is shared across all users in Oracle SAS user group. You would need approval from your IT security folks to obtain this. Your LIBNAME would now look similar to this:

libname MyOracle Authdomain = OracleAuth;

Re: how to secure a password in sas

Tom — Sat, 23 Sep 2023 00:57:44 GMT

A few methods.

Store the password into an environment variable and use %SYSGET() to pass it to the LIBNAME statement.

LIBNAME myora ORACLE PATH=orasrv USER=myuse PW="%sysget(mypassword)";

Note you might want to use this %QSYSGET() macro if your passwords are messy.

Store the password into a file (with proper access permissions) and read from the file to generate the libref. You could just use it to generate a LIBNAME() function call.

data _null_;
   infile 'mypassword' ;
   input;
   rc = libname('myora','ORACLE',,catx(' ','PATH=orasrv USER=myuser PW=',quote(trim(_infile_))));
run;

For ORACLE try defining an ORACLE WALLET and use that to connect.

Re: how to secure a password in sas

mightydron — Mon, 15 Jul 2024 10:06:56 GMT

Securing passwords in SAS is super important these days. It's like having a guard dog for your online accounts! These tools help you create passwords that are tough for hackers to crack.

Re: how to secure a password in sas

mightydron — Fri, 19 Jul 2024 10:02:23 GMT

One easy way to do it is to use a strong password checker. Here's a tip: try to mix it up with a combo of letters, numbers, and symbols. Avoid using easy stuff like your pet's name or "password123". Plus, don't forget to change your password regularly to keep those sneaky cyber folks guessing. Another cool trick is using two-factor authentication when you can. It adds an extra layer of security, like having a secret code to get into your clubhouse.