Where Does CopyStorm Store Passwords?

By default, CopyStorm does not store Salesforce or database passwords. To enable this option, select the “Store Passwords” option when saving a configuration file. When checked, CopyStorm will maintain Salesforce password security by encrypting Salesforce and database passwords in the save file.

What if I Want to Store Passwords in a Password Manager?

CopyStorm includes an extensible system which allows the usage of third-party password managers to store Salesforce passwords. The default password storage locations include:

• Directly within the CopyStorm save file (this is the default).

• Within a KeePass file named “passwords.kdbx” located in any of:

  • The user’s home directory.

  • The CopyStorm installation directory.

  • A subdirectory of the CopyStorm installation directory named “config”.

  • Any directory adjacent to the CopyStorm installation directory.

To use your own password manager, please see our tutorial titled How to Add a New Password Manager.

How to Use the KeePass Password Manager

To enforce Salesforce password security using the KeePass password manager to authenticate with Salesforce, you will need:

• A kdbx (KeePass v2.x) formatted password file containing the username and password of the Salesforce user.

  • For more information on the KeePass password manager, see https://keepass.info/

  • The user’s Security Token may be either:

    • Appended to the user’s password.

    • Stored in a text attribute named “Security Token”

• A copy of the kpcli.pl Perl script (version 3.2) available here:

  • http://kpcli.sourceforge.net/

  • The Perl script is used for both Windows and Linux installations — the Windows-formatted exe will not work.

• A Perl installation with all dependencies for kpcli installed.

  • Dependencies can be found at the kpcli homepage (http://kpcli.sourceforge.net/)

After installing Perl with the kpcli dependencies:

• Put the passwords.kdbx file in one of the locations referenced above.

• Put the kpcli.pl script in one of the locations referenced above (make sure the file is named “kpcli.pl”).

• Make sure the script is installed correctly by running the command:

  • If kpcli.pl is installed correctly and the password entry path is correct, it will print the Salesforce credentials.

• Restart the CopyStorm UI. Under the “Advanced Parameters” section of the Main tab, a “Credential Type” option of “Keepass” will appear:

• Enter the KeePass file password and the path to the Salesforce user’s password entry:

• Test the connection by pressing the “Test Salesforce Connection” button.

  • If the KeePass file password is incorrect, or if the kpcli.pl script is set up incorrectly, an error will appear which looks like:

  • If the Entry does not appear in the Keepass file, an error will appear which looks like: