I’m interested to hear how other people manage test credentials (i.e. usernames or emails, and passwords), to get a balance of the following:
- credentials can be made available to scripts/builds that automate tests
- credentials can be accessed reasonably easily by humans who want to use them to conduct one-off tests
- passwords are stored in a sufficiently secure way
- when multiple/many credentials need to be stored, managing them all is still feasible
In practice, I’ve made better progress on some of these than others. Generally I’ve prioritised security and making the credentials accessible for test automation, but the downside is that, as a human, managing and using the credentials is quite fiddly and error-prone. Maybe there’s a better way?