ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA SDM for save passwords or autocomplete in browser

book

Article ID: 145700

calendar_today

Updated On:

Products

CA Service Desk Manager KNOWLEDGE TOOLS CA Service Desk Manager - Mobile Application CA Service Desk Manager - Xtraction

Issue/Introduction

Most recent browsers have features that will save password field content entered by users and then automatically complete password entry the next time the field are encountered.
This feature is enabled by default and could leak password since it is stored on the hard drive of the user. The risk of this issue is greatly increased if users are accessing the application from a shared environment. Recommendations include setting autocomplete to "off" on all your password fields. 

 

Environment

Release : 17.1/17.2

Component : SERVICE DESK MANAGER

Resolution

User who logs in saves the login data (username and password) it will autocomplete regardless of the change made. 

Each time a user makes this save, the user's name will not be listed, but as the browser works, when entering the first letter of the user, it will propose the user that is saved at the browser level. 

Regrettably, saving the password is outside the administration of the tool and must be administered locally or in the case of Internet explorer/other browser types, administrator have to validate a GPO (Group Policy Object) that avoids that option. 

This behavior is at the administration level of the browser and not the application and its recommended to have to check with local system admin.