Moropo
RoadmapTerms
  • Welcome to Moropo
  • Quick Start
  • Uploading your app
    • Producing an Android Build
    • Producing an iOS Build
    • Uploading Your Build To Moropo
  • Creating Tests
    • Using the Test Creator
    • Test Configuration
    • Test Step Commands
      • addMedia
      • assertNotVisible
      • assertTrue
      • assertVisible
      • back (Android only)
      • clearKeychain (iOS Only)
      • clearState
      • copyTextFrom
      • doubleTapOn
      • eraseText
      • evalScript
      • extendedWaitUntil
      • hideKeyboard
      • inputRandomEmail
      • inputRandomNumber
      • inputRandomPersonName
      • inputRandomText
      • inputText
      • launchApp
      • longPressOn
      • openLink
      • pasteText
      • pressKey
      • repeat
      • runFlow
      • runScript
      • scroll
      • scrollUntilVisible
      • setLocation
      • startRecording
      • stopApp
      • stopRecording
      • swipe
      • takeScreenshot
      • tapOn
      • travel
      • waitForAnimationToEnd
    • Test Step Selectors
    • Importing From Maestro
    • Environment Variables
      • ${BUNDLEID}
      • ${EXPORELEASECHANNEL}
      • ${MOROPO_TEST_EMAIL}
      • ${MOROPO_EMAIL_URL}
    • Advanced Use Cases
      • JavaScript
      • Conditionals
      • Network Connection
      • Drag and Drop
  • Running Tests
    • Manually Trigger a Test Run
    • Scheduling a Test Run
    • Tags
    • Supported Devices
    • Test Execution Limits
    • Flakiness Tolerance & Retries
  • CI Integration
    • Initial CI Setup In Moropo
    • GitHub Action
    • Moropo API
      • Branches
      • Builds
      • Test Runs
      • Tests
  • Test Results
    • Results Explorer
    • Slack Reporting
    • Email Reporting
  • App Frameworks
    • Flutter
    • React Native
  • Guides
    • React Native Expo
    • Access Emails During A Test Flow
    • Git workflow using Moropo API
  • Infrastructure
    • IP Addresses
  • Security
    • Services Infrastructure
    • Security Best Practices
Powered by GitBook
On this page
  • Sensitive Data Inside Moropo
  • Best Practices
  • Use Test Accounts
  • Only Enter Recordable Data
  • Keep Team Data Up-To-Date

Was this helpful?

Edit on GitHub
  1. Security

Security Best Practices

Last updated 1 year ago

Was this helpful?

Sensitive Data Inside Moropo

Once you start creating tests in Moropo, you will likely want to use secret information such as passwords and passcodes in your tests.

For example, your login test will likely have a step like this:

- tapOn:
    id: "email-input"
- inputText: "test@moropo.com"
- tapOn:
    id: "password-input"
- inputText: "password123"

Moropo encrypts all of your test data in the database at rest and during transit. However, tests are available as plain text for all authorised users in your organisation. Additionally, all test runs are screen recorded.

Best Practices

To help protect sensitive data, we recommend you follow these best practices when working with Moropo.

Use Test Accounts

If your app relies on user accounts, create dedicated test accounts instead of using real accounts during test runs. You may even wish to create and delete accounts during a single test run. Moropo's can assist with this.

Only Enter Recordable Data

Every test run in Moropo is screen recorded. So only enter data into your test scripts that are allowed to be recorded as part of your organisational policies.

Keep Team Data Up-To-Date

All users in your organisation can view, edit and delete test and results data. Admins have permission to invite and remove users. It's important that you use Moropo's functionality to remove old users and keep the list of admins up-to-date.

email helper
team management