Remotely track where self-defined passwords are set
Hello all,
a recent incident brought some attention onto Teamviewer.
A device had a custom password set, for easier access (Easy access not enabled though). Recently the user of the device noticed an unknown Teamviewer Session while he was using that device, causing some problems.
Now, that I am currently investigating on that, I found out that the password that was set was extremely easy. Therefore I guess that password was compromised and used to access that device.
Onto the question: Is there any possibility to see which devices are having such a password for easier access? Maybe this is somewhere set in a registry (e.g. PasswordSet = 1).
Or there might be another possibility to check this.
Thanks! :)
Answers
-
Hi @mizim,
Welcome to our Community, we are happy to see your first post.
We regret the unknonw access to the device and the inconvenience this may cause.
Regarding the possibility of remotely tracking where the password was set, for security reasons, the system does not generate any kind of report with the passwords. This is something that is directly controlled by the user or the company profile administrator.
In your case, to prevent a similar situation from happening again, we would advise you to customize a module or full client installed, set a password in the configuration so that nobody can access or modify it, and then perform a mass deployment.
💡 We would like to add this link where we present our Six Golden Security Rules, which we recommend to all our users:
We hope all this information will help you and don´t hesitate if you have other questions on doubts.
Best
Valeria
Moderadora de la Comunidad en Español/ Spanish Community Moderator
0
