Your comments

Hey Joseph is it started or under review?   Getting spammed with all the status changes is getting old.  I'm not really pissed or anything but really, why all the changes to status.

100% sure that the user was approving/confirming the Duo push on mobile and then clicking the logon button exactly as they should be doing it.


Not sure what vertsion of Firefox though.

Are there any plans to support the all the Duo 2FA methods? Right now only push is supported but Duo can use many more methods (multiple mobile devices, OTP, SMS, phone call, bypass code, hardware token, etc) and their API makes it very easy for the user to choose the device and method they want to use to authenticate with.

Good to hear. They supported Connectwise out of the gate but not LabTech. That obviously changed in the months since we left them.


One thing is for sure - it would be nice for the Connectwise family of products to support one 2FA product across the entire line.

Control supports a number of 2FA methods. I definitely would not argue against AuthAnvil but considering they were purchased by Kaseya it seems unlikely (their new cloud product doesn't even work with LabTech)

This is something that Passportal is working on. I'd suggest speaking with your rep there as you may be able to take part in the testing.

This could be dangerous - password saved in browser and 2FA "ignores" machine: 2FA just went to 0FA.

"...it is being implemented in the spirit of being a compliance measure, which shouldn't have any "loopholes" once set by an admin on the server."


Loophole!

Ok, it's working as designed so technically it's not a bug. I get that but it's a bad design.


Below you will find the "Answer" to this request

http://product.screenconnect.com/topics/629-automatic-support-sessions-end-on-inactivity/#comment-2694

"Planned...sort of. We've heard similar requests and we're implementing a configurable option in 6.0 or 6.1. Expected behavior is to not present the option to leave support sessions open and just automatically close once a host exits a session. This will not be permission based as it is being implemented in the spirit of being a compliance measure, which shouldn't have any "loopholes" once set by an admin on the server."


Well, this is a pretty big loophole.