I'm surprised this thread hasn't really been answered yet. One of the things you can do is put the server behind a CloudFlare redirect and use CloudFlare's WAF rules to specify what IPs should be able to access it. You'd also want to set up your IIS server to whitelist /login page to only specific IPs or subnets. Hope this helps. - Mark w/ RAD Computers

Still not a feature yet. However, both Samsung Pass and Google Pixel phones can remember and autofill the username/password. Hope this helps.

We need this badly. Often doing quick checks to see what's on a client's screen takes nearly as long or longer to get the credentials in than it does to see the screen and advise them and end the session.

Start an Echo for this. Password support for remote applications is not related to remembering the login session