Highlighted
Posted by stuey
Henagon

SAML 2.0 lets get SSO please

So we use Team Viewer to access hundreds of computers in our organisation, as a result it has to be secure. We also use OKTA SSO (not Active Directory), to authneticate with 95% of our systems, this of course means that when someone leaves we can cut them off from everything in one click, however TeamViewer does not yet allow that. FYI LogMeIn does support SAML.

It's also worth pointing out that using Captcha can acutally make the login process less secure. The reason is that most security savvy people these days use SSO or a password manager, If you use one of these methods (and I recommend you do) while the browser is in that limbo state i.e. Password and username filled in but captcha waiting to be clicked, it is possible to Press F12, inspect the browser elements and view the password in clear text. Which of course a nefarious piece of malware could easily do.

As a fallback my company were hoping to use Secure Web Authentication (not as good as SSO) via OKTA and authenticate our IT support folks in that way, without giving them a password they would know, so that if someone left the company we could cut their access via our normal procedures. However because the Captcha stalls the process, the user (or another user) could discover that password. So now we have to deprovision that user in another system (TeamViewer) as well as our SSO system and a few others too.  The ideal situation would be that TeamViewer did what most of the industry is now doing and provide SAML support, but while we wait for that I would love the option to disable that captcha thingy, at least on my own browsers.

2 Replies
2 Replies
Posted by mlandsman
Photon

Re: SAML 2.0 lets get SSO please

At this point in the game, all major applications should start adopting SAML or other SSO technologies. It is a must when managing many applications and their permissions and identities

Posted by DomLan
Heptagon

Re: SAML 2.0 lets get SSO please

Hi @stuey

this is TeamViewer's most recent answer.

Regards

Domenico Langone
MCSD: App Builder