cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Remove password restoring capability, store only user id in the FRACAS(Relex) tool

0 Kudos

Remove password restoring capability, store only user id in the FRACAS(Relex) tool

Remove password restoring capability, store only user id in the FRACAS(Relex) tool.

Today in the Windchill Quality Solutions - FRACAS module, we have an option on login to remember the login credentials that stores the user id and password in cookies.

The passwords should NOT be stored in a cookie on user's machine. This leads to security issues. It is very easy to hack and break into.

please fix this ASAP.

6 Comments
Newbie

Hello Sapna, nice to hear from you.  Please note that this is not true.  We do not store user authentication as cookies.  If a user elects to have the system remember their user name and password, they are put in Isolated Storage, which is encrypted.

Newbie

Is this isolated storage in the user’s machine or is it on a server

Because if it is on user’s machine it still is not secured and accessible for hacking…

Newbie

This is stored locally, as is common.  It is encrypted.  You may elect not to use it if you do not want to.

Newbie

Also, is you are using Single Sign-on, then you wouldn't use this feature.  hope this helps.

Community Manager
Status changed to: Archived
 
Community Manager
Status changed to: Archived