Orchestrator Save password can be visible

Hi @Pablito @loginerror

reporting an issue on Orchestrator about the password,
we can use the password save on browser and login
But the problem Is that save password can be visible to others also

Capture.JPG493×538 22.8 KB

The problem is like this .
user A is a log and saves the password, that’s ok and leave,
and user b came and sit and click show icon it’s visible the user A password

My suggestion is when user type the password if he needs when click show should be visible but saved password visibility is cannot acceptable, its a security issue.

Effected Orchestrator versions 19.4.4 & 19.4.10

Hi @Maneesha_de_silva

It would seem that the basic fix to stop this from happening would be to not share the user account between different users.

You could just as well extract this password from Chrome settings, or probably multiple other ways.

Have you considered setting up a separate user account for other users?

As it stands, there is very little chance for this idea to be considered.

yes can extract but, it’s requesting, user credentials to proceed then ,
But the thing in here, we can see the password as “Dots” but when I click show button even save password is also visible

My point is, when user type password and click “show” then its ok but, when get the password form save and click “show” is also visible, I think it should not seem to be as security issue