+17
Pending Review
Automatically clear saved credentials
For security we would like the ability to enable a feature that would automatically clear stored credentials when we disconnect from a session.
Customer support service by UserEcho
i would like the ability to set when the credential clears. lowest option would be on disconnect and then up to x days.
I actually assumed this was the way it worked. I was quite surprised that it kept the credentials after the host disconnected. This is a security concern for me. I would like the ability to have those deleted either after a host session is disconnected, or after a certain period of time.
I'm very surprised to find that there (still 3 years later) isn't even a measure of control over removal of these credentials. There should be an option to clear credentials on disconnect as well as a setting to clear all credentials globally after a certain period of time.
Use cases:
I understand that the engineer can prompt for credentials again and then store blank credentials before disconnecting. However, that is a grossly inadequate method of handling a potential security hole.
I agree, these should auto clear when a engineer disconnects. Also, the stored credentials should only be for the user who requested them, they should not be available to all users that connect to the same machine!
Has there been any movement on this request...other techs shouldn't be able to use my stored credentials or should be cleared from machine after 4 -8 hours
This functionality would be very helpful - to clear the credentials after disconnect an access session.