To increase security is it possible to force a user (domain or local) to always put in their password in DataMiner? For example:
- can the "Remember me" option be removed?
- can Windows\Domain users also be forced to put in their password?
Thanks for any suggestions!
Exactly, it is a 24-hour NOC station. Government facility.
I understand the additional security layer for local users where pw is not saved, but what would be the benefit for domain users in your scenario?
I mean, one of the general advantages of having domain users is that you don't need to log-in specifically on DataMiner: if you're logged on the laptop you can instantly log-in on your DMS with a single click.
Where a Cube client is running on a machine that is on the same domain of DataMiner, I can use Windows log-in
(the log-in screen doesn't ask for a pw, just a log-on button)
I'm currently on 3 different systems, one with domain level authentication and 2 without (local users) - where possible, I tend to prefer domain authentication: that way I can mandate users creation and pw security to another team (e.g. IT, AD admins...)
Worth mentioning that for increased Security requirements, HTTPS can be added: Setting up HTTPS on a DMA
This could be better than always exchanging the pw through plain http.
I agree, using domain integration or using SAML to integrate with an external authentication provider, is the preferred way forward.
Yes, ultimately the direction we are moving is SAML whether by Azure AD or another provider. But that may be some months away still.
The password is only remembered in the user session of that computer you are using. I would assume this should be a safe place, unless we are talking about shared computers and accounts on those computers. Is that the case?