I have one problem with using 2FA in PVM 18.104.22.168
Our company use MS SQL Server as a Data Source and I customize second factor with using Google Authenticator.
But in the case of compromised account (the attacker knows the username and password) the second factor will not work because attacker can make new Data Source with its own Google Authenticator and victim will not know that someone work parallel with it.
I found in PVM some event logs where can control who and where is connenct to our database.
Can you tell me is there another 2FA with work normal in the case of compromised account?
Is there somewhere event logs which we can use to control users access to DB?
With a SQL Server data source like you have, it's possible to force a 2FA to authenticate to access the datasource, however you cannot force your users to use a specific 2FA.
In Administration -> Data Source Settings -> Security and enable the Force data source 2FA configuration. This will force your users to have a 2FA configured to access the database. With this option enabled, they would need to configure a 2FA. However, they have the choice between Duo, Google Authenticator, Auth Anvil and Yubikey. For more information, please consult https://help.remotedesktopmanager.com/datasources_2factorauthentication.htm
If you want to force your users to use Google Authenticator, you would need to use Devolutions Server as your data source.
Please note that we have a refresh issue with the 2FA in PVM 8.1. The issue has been resolved internally and the fix will be available in the next release of PVM. If you want to use this feature properly, I suggest you to use PVM 22.214.171.124 for the moment. You can download this version here
Thank you for the answer.
Is there in PVM some tool where I can see whick user coonect to server?
If we dont have capabilities to controll using 2FA we need to see the event log and understand that someone connect to DB from the different address.
You have full details in the Usage log that exists when you use an Advanced Data Source (SQL based, our Devolutions Online Databases, or the Devolutions Server).
Our stance on security is that its much better for the end user to never get the chance to learn the passwords. Unless you take measures that makes it impossible for your staff to connect using another tool (mstsc, putty, etc), you will never have a secure environment once they know the passwords. You only true log of connections will be on the remote host itself.
Password Vault Manager is a tool to share such information, the only thing you can hide from your staff are credentials that are used to authenticate on web sites. By the way you describe your requirements, this is not your case.
Depending on the technologies that you use, Remote Desktop Manager could be a better choice.