Comment on page
Security Best Practices
Once you start creating tests in Moropo, you will likely want to use secret information such as passwords and passcodes in your tests.
For example, your login test will likely have a step like this:
Moropo encrypts all of your test data in the database at rest and during transit. However, tests are available as plain text for all authorised users in your organisation. Additionally, all test runs are screen recorded.
To help protect sensitive data, we recommend you follow these best practices when working with Moropo.
If your app relies on user accounts, create dedicated test accounts instead of using real accounts during test runs. You may even wish to create and delete accounts during a single test run. Moropo's email helper can assist with this.
Every test run in Moropo is screen recorded. So only enter data into your test scripts that are allowed to be recorded as part of your organisational policies.
All users in your organisation can view, edit and delete test and results data. Admins have permission to invite and remove users. It's important that you use Moropo's team management functionality to remove old users and keep the list of admins up-to-date.