Protect saved MFA

1 vote

Published 3 months ago

As it is possible to save MFA OTP code images within RDM to be able to fill the OTP very easily, I wonder about tighten the security for that.

How do you protect these entries and the usage of the OTP?
It would be nice to have a yubikey connected to the machine and whenever a OTP usage is requested, the key needs to be pressed. So it still is a second "device" involved.

I wonder what you think about that and how others use/protect it.

All Comments (3)

Samuel Dery

Published 3 months ago

Hello,

Thank you for reaching out to us regarding this,

Could you please specify the version of RDM you are currently using?
What type of data source are you using?

That being said, we do have the following article regarding Enhancing the security for RDM:
https://academy.devolutions.net/student/path/1925316/activity/2668008

It's not on the entry directly but you can configure an MFA or an application Password on the application under File > Settings > Security

Best regards,

Samuel Dery

mad

Published 3 months ago

Hi Samuel

We have that configured for RDM. But the workspace plug in is separately in the browser using the DVLS. And one 2FA prompt at the beginning does not help protecting the OTP codes of the browser for the rest of the day. There should be a prompt whenever an OTP is used.

Best regards.
Patrick

Samuel Dery

Published 3 months ago

Hello,

Thank you for your reply,

I see, I have moved your topic to the feature request section.

This allows our community to submit/share ideas with our development, service desk, and management teams. It’s also an opportunity for our community to demonstrate an interest in your idea. We use this interest to prioritise the features we implement.

Best regards,

Samuel Dery