I have a customer who has asked that security be beefed up on user access. They've been using an older OpenVPN client for a while as it looks like they haven't been redeploying the updated clients after they update their pfSense versions.
Now that they're using a newer client, they've gained the ability to save their passwords and would like to disable it to prevent users from saving creds. They already have two-factor auth but the president just wants that extra piece of mind.
The client changelog shows that the ability to disable password saving was added in 2.4.1. I want to get them using 2.4.3 now and based upon some Google searching, It's my understanding that auth-nocache now also disables password saving as well as caching. In testing, however, I haven't been able to achieve that. We had it in the client config file to disable caching but it doesn't seem to have an impact on password saving.
Can anyone tell me what I'm missing in getting the password save option disabled for these users?
Password Save
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Password Save
When you install openvpn 2.4.3 read all the options ..
-
- OpenVpn Newbie
- Posts: 2
- Joined: Sun Jun 25, 2017 12:21 pm
Re: Password Save
Thanks. Some days I'm smart. Other days...not so much.
I had found the advanced options clearly indicating how to set the feature. Our next step is ensuring that password save gets disabled by default to prevent users from doing so. Working on that now.
Thanks for the help!
I had found the advanced options clearly indicating how to set the feature. Our next step is ensuring that password save gets disabled by default to prevent users from doing so. Working on that now.
Thanks for the help!