It would be nice to have the option to share a host past from the toolbar of the session that is in progress. This would allow apps that use the API aka Automate to be able to use host pass. 

Right now i have to give users access to both control and automate but the security permissions are different depending on where you log into the platform from. 

Please add the ability to manually enter in a subnet to scan. This is helpful for companies that have multiple sites with multiple VLANS and VPN.

It would be very helpful if the name of the support account that started the session were included in the file name of the recorded remote maintenance. For example:

I'd like to see better time controls than TrustDeviceExpireDays currently offers.

Use Case: While a lot goes into insure our staff's devices do not get compromised, it could be a matter of time. If an attacker took control of a PC here with saved credentials in the browser, if it's within 1 day, 2FA doesn't prompt.

Sure, you could set TrustDeviceExpireDays to 0, but now I feel I'd be annoying staff with that alone combined with MaxLongestTicketReissueIntervalSeconds.

Ideally, I'd like something like "a few hours" for MaxLongestTicketReissueIntervalSeconds, but maybe 9 hours for TrustDeviceExpireDays (obviously, pretending the word "Days" isn't there).  This would force users to re-authenticate after a few hours idle, but not necessarily have to use 2FA, making the assumption with the times I provided above that the user is still working his/her shift.

It's not a perfect idea, but it's an improvement to MaxLongestTicketReissueIntervalSeconds = 7200 and TrustDeviceExpireDays = 0

Would you be able to add feature to reboot android devices. Currently it doesn’t work using CW client and those controls are useless. This could be handy in many situations. 

can you give a general alert if thumbprints change for your product when you upgrade, this will assist with antivirus issues flagging your product.

We would like to be able to collapse each computer to just it's name under the machine list as it gets really busy. Or have the ability to remove the custom fields under the machine list and just show up on the right pane when the computer is clicked.

Please add an option to select all out of date clients to make it easier to update those clients.

PROBLEM:

The web.config UsePersistentTicketCookie is used badly for BOTH the cookie cache related to staying logged on after closing the browser if forgetting to log off manually (bad for security to leave true, so false is best) as well as used for the new Two-Factor Authentication (2FA) (if you turn the setting to false, now you cannot TRUST a device once you close your browser.

SOLUTION:

a.) Leave the web.config TrustDeviceExpireDays as is, but make it write a 2nd unique cookie for this 2FA, and of course honoring '0' as = false as in not trusting.

b.) Also, have it hide the checkbox if it detects the cookie at '0' as it is odd to have it still show.

c.) Finally, the existing UsePersistentTicketCookie keep as is, but ensure it is a unique cookie ONLY for persistence in staying logged in or not after the browser closes

SUMMARY:

These security measures are distinctly different in their context and application and need to give people the ability to customize either and not have the other one break.