Assignment Token Security

Hi

I created a customozied installation of teamviwer host for my company and i assigned the token.

I created a script file using the string APITOKEN=xxxxxxxxxx

Now, i connect to my host without password request because the authentication is done by the recognized token.

Is this authentication method secure to prevent external cyber attack? is it better to use classic password-based authentication?

Thanks

Find more posts tagged with

Accepted answers

All comments

Nothing?

Welcome to the TeamViewer Community, and sorry for the late reply! 🙂

I'm happy to help you with your security concerns.

I understand that you have deployed your customized Host module via .msi file.

Regarding the command line parameters, the APITOKEN is responsible for applying your custom design (color, logo) to your Host module. It does not define the connection method you deploy.

If you desire to connect without any interaction with the end user (which is the perfect Host use case), you need to set --grant-easy-access as parameter.

As a result, your command line could look like this for example:

msiexec.exe /i "Path_to\TeamViewer_Host.msi" /qn APITOKEN=xxxxxx CUSTOMCONFIGID=xxxxxx ASSIGNMENTOPTIONS="--alias %ComputerName% --grant-easy-access"

You can find all the documentation regarding how to best deploy TeamViewer here.

Regarding Easy Access, it is a very secure connection authentication method attached to your TeamViewer account.

To maximize security, you can:

Protect your account via TFA.
Enable TFA for connections. It will prompt you on your TFA app to confirm the connection.

Also, please find all information about Security and TeamViewer in our Security Handbook.

I hope this could already help you. If you have any further questions about your deployment, please don't hesitate to come back. I'll be here to help you out.

/JeanK

Hi JeanK

Yes, i used -grant-easy-access parameter and i deployed the msi.

I have a question.

Is there any way to find the api key in the teamviewer host on a client? i don't want that a malicous connect on aclient (with another control software) and find my api key

Thanks

Roberto

All security-related information is encrypted; therefore, you don't have to worry about people connecting to your devices if they have your APITOKEN. They simply can't. 🙂🔐

/JeanK

Quick Links