ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Preventing user interaction during PAM Transparent Login.

book

Article ID: 186276

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

During the execution of a PAM Transparent Login script including <MouseClick> statements, it may occur that the voluntary or involuntary user interaction with the mouse and/or keyboard causes the input focus to be moved out of the proper entry field making the credential injection unsuccessful. It may even occur that the password can be viewed if the focus is placed on a visible entry field causing a security breach.
Is there any way to avoid this situation? Can user mouse and keyboard interaction be blocked during the credentials injection in a PAM Transparent Login operation?

Environment

Product: Layer 7 Privileged Access Manager
Version: 3.x

Resolution

Use the 'Freeze Input' feature in the Transparent Login scripting.

Allows insertion of a tag that disables user input (keyboard and mouse events) while a Transparent Login script is running. Freeze Input can prevent re-injection of the user password when using multiple browser tabs. This example freezes user input for 10 seconds. Note: Place this statement at the beginning of your script.
Example:  
        <inputfreeze action="enable"/>
        <sleep time="10000"/>                
        <inputfreeze action="disable"/>

Additional Information

See also: 

Configure Windows Transparent Login