Your comments

I recently had 2 machines where users Reset their PC's, I think 20H2 had a fatal upgrade flaw that caused some machines to stop booting. Thought Microsoft fixed the issue, but apparently not. They've started pushing 20H2 installs harder again so it could be that. Still looking for a way to repair this scenario without wiping and reloading.

I wonder if it's somehow related to all these I found in chrome developer console

Probably something related to a plugin maybe? since the code is local for on-prem, and it's all and C# code...anyone delved into how to customize connectwise and disable blocking of the developer extension and adding your own extensions? #AskingForAFriend

Renaming/not using "administrator" (admin, root, user, owner etc) as the username has been best practices recommendations in the computer industry for decades. Microsoft windows domain setup guides are the first I was exposed to the practice in the late 90's. They even have a GPO for auto-renaming computer "administrator" accounts on first joining the domain. 

Using/having default usernames is bad. 

Developers carving exception out of security features to allow uninformed admins to do bad security is worse and not much better than hidden backdoor passwords/access. Hackers will find, and exploit them. 

Could Screenconnect have better onboarding/setup wizard to guide new installs on the path to better security? Yes. As we all know this is a product that has been around for long time now. I've already written up a different feature request about enhancing the "status" section so that best practice testing can be done at any time because in terms of hacker targets: Remote access/RMM system are priority one targets. Recent Solarwinds hacks show the best in the world hackers are on constant attack at those juicy targets.

Renald: Reviewing this:

Goes over IP blocking. It doesn't have IP based fail2ban style greylist/autoban interface but does offer some options.

This is for locking user accounts (not IP's):

Which has MaxInvalidPasswordAttempts

It would be nice for smarter greylisting and blacklisting based on IP...but I'm not holding my breath on that.

Also having same problem, self hosted. Had upgraded from 20.1 (no issue) to 21.1.2091.7689 and now having sporadic popups. Fixes itself in 30-60 seconds, usually just a refresh.

Unfortunately this isn't a find-a-workaround situation. 

Legally speaking if you want to comply with HIPAA/FINRA/SOC/ISO compliance certification then:

If you want to use product x, it needs to do abc. If it doesn't, you can't use it. Audit trail with logs, held and maintained for 2+ years is part of that compliance.

If you use something not in compliance, your regulatory compliance is going fine you x dollars, hold you libel, and remove your compliance certification. No more business for you.

Priorities....and noone has reported them to Medicare or the SEC as non-compliant software due to no audit log. Were they also hacked like Solarwinds? Who knows...and you'll never know because there's no audit logs!

...4 year old thread about a glaring compliance hole in the product, and posts to workarounds that could have been integrated years ago...good thing we have "World Class Security" on our side.