Good question Ben!
You are right to be concerned about security, especially with deadly ransomware attacks on the rise.
Rest assured that AlwaysUp manages your Windows securely. Here are some of the measures in place to protect your valuable credentials.
AlwaysUp hides your Windows password on the Logon tab
As a first line of defense, the field that captures your Windows password “masks” the characters, showing asterisks (“*”) instead of the characters you type:
By doing so, AlwaysUp does not reveal your password to casual onlookers.
Windows stores your password — not AlwaysUp
Next, and more importantly, AlwaysUp never keeps, tracks or transmits your Windows password after it creates (or updates) a service.
Instead, AlwaysUp hands your password to the Windows Services layer (via the CreateService or ChangeServiceConfig API functions), which stores the password securely. In that way, your password is handled just as safely as it is with the trusted operating system tools, like the Services application.
Specifically, the Service Control Manager — which launches and initializes services — stores the password with LsaStorePrivateData. And when it’s ready to start a service, the SCM calls LsaRetrievePrivateData to retrieve the service’s password. After the initial creation, AlwaysUp is simply not involved.
AlwaysUp doesn’t include your password when you export
As another important security measure, AlwaysUp does not (actually, cannot) include your Windows password when you export your application to an XML file. Instead, you will see ENTER A PASSWORD in the password field:
Because AlwaysUp saves a placeholder instead of your password, you will have to re-enter your password when you import the XML file. However our team thought that was a small inconvenience to avoid leaking a sensitive password.
A note on Excel as a service
Please be sure to follow our tutorial showing how to run Excel 2013 with AlwaysUp. Please heed the comment about automation at the top of the page. Unfortunately, not all Excel functions operate properly in the context of a background Windows Service.
Best of luck with Excel!