Refer to my comments above: this is not secure. But here's how you could put a small speed bump in an attacker's path.
Encrypt this file with the encrypt() function, then run the encrypted file.
// Pre-encrypt this using edit->encrypt script. There
// is no need to use a run password, and no reason to
// make a complicated edit password. "a" is good enough.
//
// Caution: this is not secure. No password is needed to
// view this data, though JMP is required to decrypt it.
// If you need a decrypt password+prompt, you'll need to
// manually go through the GUI for encrypting scripts.
// https://community.jmp.com/t5/Discussions/How-to-handle-user-password-information-in-JSL-ODBC-connection/m-p/627942#M82631
encrypt = Function( {name, pass}, {x},
x = Expr( 1 + 1 ); // throw an error if not working
// https://community.jmp.com/t5/Discussions/How-to-check-if-the-running-script-is-encrypted/m-p/624766#M82350
If( Char( Name Expr( x ) ) == "1 + 1",
Throw( "the encrypt function needs to be encrypted to work correctly." )
);
// strings generally stay unencrypted. expressions
// that are not simple strings or numbers try to stay
// encrypted. The concatenation operator is enough to
// keep the expression's strings encrypted.
Char( Eval Expr( {Expr( name ) || "", Expr( pass ) || ""} ) ); // return value
);
Then run this to see how it works
// use the encrypted encrypt function to make an encrypted list
name = "fred";
pass = "1234";
crypt = encrypt( name, pass );
If( length(crypt) < 500 + Length( pass ) + Length( name ),
Throw( "not encrypted. Did you execute the *encrypted* file containing the encrypt function?" )
);
file = Save Text File( "$temp/credentials.jsl", crypt );
name = .;
pass = .;
///////////////////////////////////////////////////
{name, pass} = Eval List( Parse( Load Text File( file ) ) );
write("\!nsaved file contains\!n",Load Text File( file ),"\!n\!ndecrypted is");
show(name,pass);
saved file contains
{JSL Encrypted("//-e12.1\!r\!n0,\!r\!n208,4193eJwNytmBhSAMAMB+tgWCCRBUkMuLgP0X8na+B3NI2evLjsG330/RUttTTEpOYhEyJ7JlBa2j1uAnpks3G3wTgpF7tJ8jqYrL\!r\!nPvBetVXPxNjKIWh06B9i+P/zfrd+bo6IP7eUOA3kSsGoaGA1x0ovXovyGmy481u4wqIGYKnEhvuG6XAE4Qk19cmunKo32uGJkuTv\!r\!nB+khNtw=\!r\!n,0,"), JSL Encrypted("//-e12.1\!r\!n0,\!r\!n208,4193eJwNzIkBxBAQAMB+rgWE9R1hQ/z0X8jdFDAcfUTDilxLV+PeyWbK7YEYHKE3A1bfMa7gUzjO2CxkyPwsVDPxS0TN9WNptpRC\!r\!nLxnShIpDYKmeKzWIoUTSF6XX/fjReuqKrYKwJ9yptTwR2DfaI2j/AlFVHd/bP3Mqa0cFcuV1KCuTGp9XmOmvrXe9+Dai8GNZN+Hz\!r\!nAxwZN40=\!r\!n,0,")}
decrypted is
name = "fred";
pass = "1234";
JMP does not include a function for programmatically encrypting scripts, only the interactive GUI. This workaround does not allow specifying the run or the edit password. There is no run password (any one can run it) and the edit password is unknown. You might prefer a different solution that would put {"fred","1234"} in an edit window and let the user manually encrypt (or not) before saving it. The user could then decide if they want a prompt for a run password, which would be a little more secure.
Craige