Assignment Token Security

Options
RobertoA
RobertoA Posts: 3 ✭✭
in Deployment & Integrations

Hi

I created a customozied installation of teamviwer host for my company and i assigned the token.

I created a script file using the string APITOKEN=xxxxxxxxxx

Now, i connect to my host without password request because the authentication is done by the recognized token.

Is this authentication method secure to prevent external cyber attack? is it better to use classic password-based authentication?

Thanks






Answers

  • RobertoA
    RobertoA Posts: 3 ✭✭
    Options

    Nothing?

  • JeanK
    JeanK Posts: 6,990 Community Manager 🌍
    Options

    Hi @RobertoA,

    Welcome to the TeamViewer Community, and sorry for the late reply! 🙂

    I'm happy to help you with your security concerns.

    I understand that you have deployed your customized Host module via .msi file.

    Regarding the command line parameters, the APITOKEN is responsible for applying your custom design (color, logo) to your Host module. It does not define the connection method you deploy.

    If you desire to connect without any interaction with the end user (which is the perfect Host use case), you need to set --grant-easy-access as parameter.

    As a result, your command line could look like this for example:

    msiexec.exe /i "Path_to\TeamViewer_Host.msi" /qn APITOKEN=xxxxxx CUSTOMCONFIGID=xxxxxx ASSIGNMENTOPTIONS="--alias %ComputerName% --grant-easy-access"

    You can find all the documentation regarding how to best deploy TeamViewer here.

    Regarding Easy Access, it is a very secure connection authentication method attached to your TeamViewer account.

    To maximize security, you can:

    Also, please find all information about Security and TeamViewer in our Security Handbook.

    I hope this could already help you. If you have any further questions about your deployment, please don't hesitate to come back. I'll be here to help you out.

    /JeanK

    Community Manager

  • RobertoA
    RobertoA Posts: 3 ✭✭
    Options

    Hi JeanK

    Yes, i used -grant-easy-access parameter and i deployed the msi.

    I have a question.

    Is there any way to find the api key in the teamviewer host on a client? i don't want that a malicous connect on aclient (with another control software) and find my api key

    Thanks

    Roberto

  • JeanK
    JeanK Posts: 6,990 Community Manager 🌍
    Options

    Hi @RobertoA,

    All security-related information is encrypted; therefore, you don't have to worry about people connecting to your devices if they have your APITOKEN. They simply can't. 🙂🔐

    /JeanK

    Community Manager

Trustpilot

Categories

This Week's Leaders