Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Disabling storing passwords for credentials.
#1
Hi

One of our security restrictions is that no password is stored anywhere. We can store userids though. I suppose it's the option "Always prompt for password", but I can't find the way to enforce it.
I can only give Full Control to Private Objects in the Credentials tree, is there a way to finetune this?

Thanks in advance
Reply
#2
No currently not - but we can add a security option for that asap :-)
Regards/Gruss
Oliver
Reply
#3
Hi Oliver

Yes please! :D

Thanks!

Shaw
Reply
#4
One question for the feature request - we are discussing two different scenarios how to implement - and I want to know how you think about it :-)

1) It will be a global setting in Settings=>Permissions => Enforce using of "Always prompt for password" in credential objects
=> This means that all users including the users who are assigned to the Administrators group will not be able to set any password!

2) It will be a global security assignment with the same text
=> This means that all users who are assigned to a security group where this setting has been activated will not be able to set any passwords - but the users in Administrators group will be - because the Administrators have currently all permissions and we can't know if this option is used or not (Global security assignments of Administrators group can't be edited)

So we would prefer Option 1 - can you confirm that this is the way you expect the feature?!?

Thanks
Regards/Gruss
Oliver
Reply
#5
Hi Oliver

Option 2 would be neat, our Security Officers would very much prefer option 1 though... All or nothing. So, for me, option 1 is perfect.

Regards

Shaw
Reply
#6
Hi Oliver

The option works like a charm! Thank you very much!

Unfortunately it ignores previously entered credentials, so if they already exist, the system leaves them be.

Is there a way to empty the credentials folder for all configured teams? Through a sql script maybe?

Thanks in advance

Shaw
Reply
#7
We discussed this internally - maybe we had ask you before the Patch :-)

SQL scripting is not possible - MultiEdit would be possible but must be done by every user for the private credentials...

Would you like also to ignore any existing creds if the option is activated? Would be no big effort to implement
Regards/Gruss
Oliver
Reply
#8
Hi Oliver

If by ignore you mean enforce prompt for password for existing credentials as well, then yes, please.

Regards

Shaw
Reply
#9
Hi Oliver

Will this be a small fix? Or are you planning a minor update?

Kind regards

Shaw
Reply
#10
Could be implemented in a private fix :-) I will inform you
Regards/Gruss
Oliver
Reply
#11
New version is available

https://remotedesktop.rocketsoftware.com...?tid=10915
Regards/Gruss
Oliver
Reply
#12
Hi Oliver

It works perfectly, thank you very much!!

Regards

Shaw
Reply
#13
(23-11-2018, 09:30 AM)Shaw_S Wrote: Hi Oliver

It works perfectly, thank you very much!!

Regards

Shaw emilydavinci

Because of that work go on hype you can't mark things together cheers  :P
Reply




Users browsing this thread: 1 Guest(s)