Automatically clear saved credentials

Avatar
  • updated
  • Pending Review

For security we would like the ability to enable a feature that would automatically clear stored credentials when we disconnect from a session.

Avatar
0
Patrick

I would also suggest an option to make a change (either change the registry value or use group/local policy) to the machine you are saving credentials for, to ENABLE "DO NOT DISPLAY THE PASSWORD REVEAL BUTTON"

In group policy, this is located here:

COMPUTER CONFIGURATION > POLICIES > ADMINISTRATIVE TEMPLATES > WINDOWS COMPONENTS > CREDENTIAL USER INTERFACE > DO NOT DISPLAY THE PASSWORD REVEAL BUTTON

I have enabled this on all local and client machines, but even in my local environment... I want my techs to be able to connect and login using saved credentials, but do not want them to be able to see the password!

Avatar
0
jweyts

This should be a no-brainer - saving credentials should be a temporary thing.

Avatar
0
Kevin Tuinstra

This functionality would be very helpful - to clear the credentials after disconnect an access session.

Avatar
0
Karla Kruizenga

Has there been any movement on this request...other techs shouldn't be able to use my stored credentials or should be cleared from machine after 4 -8 hours

Avatar
0
SeanL

I agree, these should auto clear when a engineer disconnects. Also, the stored credentials should only be for the user who requested them, they should not be available to all users that connect to the same machine!

Avatar
0
Mark

I'm very surprised to find that there (still 3 years later) isn't even a measure of control over removal of these credentials.  There should be an option to clear credentials on disconnect as well as a setting to clear all credentials globally after a certain period of time.

Use cases:  

  • Senior engineers working on a system during multiple sessions throughout a day.  These credentials should persist  between sessions and be made available as defined by their senior engineer role.  The global setting, perhaps 4 hours, would then clear any credentials that are still stored/available.
  • Level 1 engineers working on email/printing issues while a user is at lunch.  These credentials should be cleared upon disconnect as defined by level 1 engineer's role.

I understand that the engineer can prompt for credentials again and then store blank credentials before disconnecting.  However, that is a grossly inadequate method of handling a potential security hole.

Avatar
0
Jason Tenpenny

I actually assumed this was the way it worked. I was quite surprised that it kept the credentials after the host disconnected. This is a security concern for me. I would like the ability to have those deleted either after a host session is disconnected, or after a certain period of time.

Avatar
0
Doug Sinton

i would like the ability to set when the credential clears. lowest option would be on disconnect and then up to x days.  

Avatar
0
anonymous
  • Pending Review


Top contributors

Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar