Solved

How to deal with show/hide password control

  • 30 April 2020
  • 3 replies
  • 332 views

Userlevel 2
Badge +2

Hello,

We have built a replacement for Wunderlist ((sub)tasks registration). This will be used by our Terminal drivers. They will use a tablet and the application will be accessed through the Universal GUI with a 4G connection. These tablets will rotate between the different drivers. They will log in with their AD account. Problem now is that you can see the passwords of the other drivers by clicking on the eye of the password control. This is certainly not desirable. This is an example, but I can imagine there will be more situations that this can happen. How to deal with this? For example, can the show/hide password eye toggle be turned off?

 

Thanks in advance.

Randolph

icon

Best answer by Erik Brink 6 May 2020, 09:44

View original

3 replies

Userlevel 5
Badge +5

Hi Randolph,

First of all I would advise your drivers to log off their account before returning the terminal to possible rotate to other drivers.

Currently, our Universal GUI offers no option to hide the "show password” button. I think that's only a part of the solution to solve this, because I think you don't want other drivers to log in with the account of the previous driver. The application on the terminal will only remember the password when someone allows the browser to do so. That's not part of our software. In general that's not a great idea to do on public devices.

Does this answer your question?

Regards, Erik

Userlevel 4
Badge

I would like to add to this to clarify. When you logout of Universal you cannot see the password of the previously logged in account! The only way to make that happen is for the user to allow the browser to save the password. We cannot be responsible for security issues that arise from sharing devices. This problem would also occor if a user logs in to any other personal account and allows the browser to store the password.

If you wish to share devices in this way you should give very clear instructions to the users on how to use these devices.

  • Never allow the device to store passwords if it asks to.
  • Logoff everyting before you pass on the device.
Userlevel 2
Badge +2

Hello Erik and Sebastiaan,

Well in that case. Thanks for the reponse. This does answer the question.

Greetings,

Randolph

Reply