+6
Under Review

ScreenConnector One Time Password

Josh T 2 years ago updated by Sean Helling 1 month ago 11

Hello,

Is there a way to add a "remember this computer" box to the One-Time Password within ScreenConnector?  We are using version 6.9.21691.6956.

Available in Version:

Agreed.  I'm using the Cloud Version and ScreenConnector is great but TFA kinda killed it.  It would be nice to have a "Trust This Device" instead of "One Time Password".  Just a matter of adding it to the user.config file.  Look forward to seeing this implemented.

Louis

Caitlin,  any updates on the Review process for this request?  I'm not a super heavy user, but due to session time-out settings we have implemented and the TFA process I'm currently generating about 20+ of these one-time password emails a day just accessing the same 5 or 6 servers.

This feature request is currently under review with Dev. I'll update here when I have more information. Thanks for your continued interest!

+1

Afternoon:


Pressing on this issue as it is a feature killer without remembering the TFA. I am a heavy "ScreenConnector" user.

Any Updates?

I would be glad to "test" this out.

Louis James

I just enabled TFA on our systems and I agree with Louis...having the "remember" feature would make a ton of sense...especially since it is a "one time password".   :)

Thanks for bringing this up Louis and appreciate you reviewing (and hopefully implementing) this feature Caitlin.

Caitlin, Any updates on integration of Trusted Device TFA for the ScreenConnector app?

+1

Sadly, it seems they moved this to the back burner.  There has been NO response.  

HOWEVER, one possible way to get their attention is to "review" the Extension in the Extension MarketPlace.  I just posted my review of TWO (2) stars out of FIVE.  I clearly noted that it's worthy of a FIVE STAR rating but until they get this fix, TWO STARS is the best they will get.

Maybe STARS is what will motivate them.

Updated my review as well...crazy how many of the poor reviews are due to this exact same issue.

Hey guys!  Love this tool, hate having to enter my OTC every time. Would also love a 'Trust this device' option here.

Thanks!

This was a great tool for speeding up workflow; I triggered this with a keyboard shortcut via AHK and would just type the name of the machine I needed to connect to. Because it now requires you to reauthenticate via 2FA while instantiating every connection, it's become useless for the purpose of accelerating workflow.

My suggestion is to add a single-use token generation/revocation system under the Admin>Security tab for the purpose of authenticating first and third party apps with this type of functionality. This allows auditing of connections on a per-client basis in addition to per-user, and shifts the attack surface from a passphrase to something ephemeral, which should hopefully address any security concerns the dev team has about this.