Pending Review

Is there a way to password protect at unattended (Access) session before it starts, and before a "command" is executed?

2 years ago • updated by 2 years ago • 1

One of my users was compromised and created a new admin account (since deleted).... even though my guy has 1 32 character password and MFA....

Vote

Password Protect unattended session is not a Control feature, but we recommend a couple of things here:

Role based permissions to restrict technicians from having access to machines they do not need by removing the permission HostSessionWithoutConsent (List of role-based security permissions - ConnectWise)
Require Guest Consent before connecting (Prompt guest for consent before connecting to a remote machine - ConnectWise
Lock on Connect which can be enabled via the Advanced Configuration Editor (Advanced Configuration Editor - ConnectWise)
To prevent a technician from running a command from the host page, remove the role permission (RunCommandOutsideSession)

Answer

Password Protect unattended session is not a Control feature, but we recommend a couple of things here:

Role based permissions to restrict technicians from having access to machines they do not need by removing the permission HostSessionWithoutConsent (List of role-based security permissions - ConnectWise)
Require Guest Consent before connecting (Prompt guest for consent before connecting to a remote machine - ConnectWise
Lock on Connect which can be enabled via the Advanced Configuration Editor (Advanced Configuration Editor - ConnectWise)
To prevent a technician from running a command from the host page, remove the role permission (RunCommandOutsideSession)