On 09/12/16 17:38, Selva Nair wrote: > Hi, > > A comment on the GUI github page said: > > "For ISO27001 certification, we are not allowed to let users save their VPN > passwords locally. Is there a way to remove or disable the 'save password' > box upon authentication ?" > > Although I suggested to use an up script to delete the saved password, the > GUI displaying a checkbox to save password may not be acceptable to some > setups. Any idea how widespread a concern is this? Note that the GUI saves > it encrypted. Personally I believe not saving passwords encourages users to > choose weak passwords, but we could make the GUI respect any --auth-nocache > in the config. > > More info here (https://github.com/OpenVPN/openvpn-gui/issues/105) > > Thanks, > > Selva >
my2c I think it is down to individual server admins to make this call .. If they have a policy which demands that passwords not be saved and openvpn does not have a robust method to do so, what will they do ? Is it possible to have --push "auth-nocache-override" which enables client --auth-nocache and cannot be filtered out ? Regards ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
