How to avoid the password caching by the browser on login into Service Desk Manager.

book

Article ID: 19581

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

Description:

Local browsers may cache the password on login so that on future logins the password is automatically filled in based on the entered user id.

This may cause a security gap.

Solution:

To avoid this behavior there are the typical local browser settings for not caching the password, but the best is to avoid this caching from within theService Desk application.

A way to stop the password caching in the application is to add the parameter autocomplete="off" in the login.htmpl.

To do this:

  1. Open the default login.htmpl with the Web Screen Painter and search for the line (see figure):
    <td ><input type="password" id="PIN" name="PIN"></td>
    Change this line to:
    <td ><input type="password" id="PIN" name="PIN" autocomplete="off"></td>

  2. Save and publish the file.
    The new customized login.htmpl will be present under the folder %NX_ROOT%\site\mods\www\htmpl\default.

  3. Perform a pdm_webcache from the command line.

  4. Clear the local browser cache.

    <Please see attached file for image>

    Figure 1

Environment

Release:
Component: ARGIS

Attachments

1558718390836000019581_sktwi1f5rjvs16uwq.gif get_app