+36Tired of typing your JSS password every time you walk away from the computer?
Not wanting to tweak Tomcat timeout, which is fragile and may raise security flags?
If either...please vote up:
"Save Password" option for JSS site ;)
https://jamfnation.jamfsoftware.com/featureRequest.html?id=2322
+18I use the Safari extension (there are others and also some for other browsers) "Repete".
http://pavelkunc.cz/projects/repete/
Works great. No such issues - just set mine to reload my JSS page every 10 mins.
But I would not fight this being added to the JSS.
+36@boettchs Unfortunately we're restricted from using third party solutions, or we'd be using 1Password or LastPass. :)
+35+36@bentoms Same problem, it would have to go through an intense review/approval process...not likely to get approved. :/
+16Interesting. You can't use a simple browser extension, yet they'd be OK with storing JSS credentials so it auto logs in, presumably with full JSS Admin rights? I find that very peculiar.
Personally. I don't think this is a good idea. I think the JSS not storing those creds by default is the more secure way to go. While JAMF can't prevent someone from using something like 1Password, LastPass or even Safari's built in password storage, I don't think they should add that as a feature. Keep in mind that for them to sell their product in some regions of the world, the product goes through some heavy security scrutiny. If it was found this was added, it could take them off the table for consideration, or even cause some orgs to drop their product altogether. For example, I know for a fact that one company nearly didn't go with the Casper Suite because it had the ability to track Application Usage, even though its not on by default. The labor unions in their country took serious issue with the fact that it was even possible to do this with the product.
Anyway, I see this as a security issue myself and would not want it personally. I'm willing to bet others may feel the same way. (yes, even if its only optional)
And BTW, can you not just use Safari's password storage to at least auto fill it? That would prevent needing to type it in at the very least. You can't rip that function out of the browser that I'm aware of.
+17I think it works with iCloud Keychain. When we enable it, we get option to save the username and password in JSS site. If you remove the iCloud Keychain, its stored in Local Items.
Thanks & Regards,
Karthikeyan
+36@mm2270 and @karthikeyan.mac That's good info, I guess if we're locking down Safari settings (using MCX, enforced settings), then having a checkbox in Safari won't be helpful. I guess the real solution is to keep your password on a bright yellow Stickie under your keyboard. :)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
