For security we would like the ability to enable a feature that would automatically clear stored credentials when we disconnect from a session.
i would like the ability to set when the credential clears. lowest option would be on disconnect and then up to x days.
I actually assumed this was the way it worked. I was quite surprised that it kept the credentials after the host disconnected. This is a security concern for me. I would like the ability to have those deleted either after a host session is disconnected, or after a certain period of time.
I'm very surprised to find that there (still 3 years later) isn't even a measure of control over removal of these credentials. There should be an option to clear credentials on disconnect as well as a setting to clear all credentials globally after a certain period of time.
I understand that the engineer can prompt for credentials again and then store blank credentials before disconnecting. However, that is a grossly inadequate method of handling a potential security hole.
I agree, these should auto clear when a engineer disconnects. Also, the stored credentials should only be for the user who requested them, they should not be available to all users that connect to the same machine!
Customer support service by UserEcho