That was super helpful. - Thank you!

I've made other tweaks to the appearance in the past and never thought about altering the password appearance. This won't tell our users specifically what the cause is but hopefully will get them much closer. 
 

I also altered what happens when the tokens stops working. This better aligns with what is really happening. 

I'm going to add a note to this since connectwise spent the time building the security alerts but didn't provide a way to reference the users email in the alert. 

I stand by my comment above. What is the purpose of notifying just the admin?

I agree on account lockouts but in reality you want to notify the end user in some of these instances. i.e  

Example -

System: hey user, your password was changed. 

User: Wait, i didn't change my password... Hey admin, what's going on?

System: Hey user, new login detected...

User: Wait, i didn't login.... Hey admin, what's going on?

Let the end users be our eyes and ears.. I don't mind CC'ing the admins but let the end user assist us in detected malicious activity. 

https://docs.connectwise.com/ConnectWise_Control_Documentation/ConnectWise_Control_release_notes/ConnectWise_Control_2021.15_Release_notes

Sorry if I didn't fully read your comment.  It seems as if you were asking for it in the thick client and not the Automate web interface? 

I know this doesn't help, but i think their plan is to decommission the thick client once all the features have been implemented into the web. Sorry if I led you down a rabbit hole.  

From the automate thick client. 

This is customizable in the web. You could probably set it super high if you wanted. 

But it's up to your admin to configure. 

Advanced > System Options

Hi Chris,

   It's a permission in Automate. I have it turned off for all our techs. 

Oh those ones.. 😬   Thought i would try. 

This playback speed?

21.11 and it still happens. 

Our Cloud Hosted Instance of Control went down for over 8 hours this past weekend and our customers are now extremely angry because we filled their event logs and monitoring systems with millions of alerts. 

We just need a simple.. Lost Connection / Connection Returned with some safety for connections that flap. Maybe remember the timestamp from the last write to ensure the event logs are not being spammed. 

Look at the garbage below. 

System.Net.Sockets.SocketException (0x80004005): An existing connection was forcibly closed by the remote host
   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
   at ScreenConnect.SocketNetworkConnection.Receive(Byte[] buffer)
   at ScreenConnect.NetworkConnection.<.ctor>b__0_0(BlockBufferReadStream stream)
   at ScreenConnect.BlockBufferReadStream.OnNeedsBufferCycled()
   at ScreenConnect.BlockBufferReadStream.Read(Byte[] buffer, Int32 offset, Int32 count)
   at ScreenConnect.Extensions.ReadByteDefault(Stream stream)
   at ScreenConnect.BlockBufferReadStream.ReadByte()
   at System.IO.BinaryReader.ReadByte()
   at ScreenConnect.MessageSerializer.Deserialize(BinaryReader reader, Type requireBaseClass)
   at ScreenConnect.EndPointManager.ReceiveMessage(BinaryReader reader, Type requiredBaseMessageType)

Thanks, 

I did that this morning because our instances was not working. But, after doing that it hung and the cloud website looped for over an hour. 

Support then asked where i moved it from. I said i never actually moved but used that to restart the instance.