0

In this question I saw that you can use command key to store credentials and then just run a command like mstsc /v:servername to connect to it without typing anything.

Additionally, you can delete it using the /delete switch of cmdkey...would I be able to make sure when I log out for the day the credentials are gone?

Is this at all safe? Or is it more like ssh-agent where the key is held in memory for a specified period of time? Or is this stored on disk and I should use something like cipher to encrypt the folder before use?

leeand00
  • 1,357
  • 1
  • 13
  • 21
  • Safe from what? [What is your threat model](https://security.stackexchange.com/questions/225012/what-is-a-threat-model-and-how-do-i-make-one)? ā€“ Conor Mancone Jan 30 '20 at 16:11
  • @ConorMancone Iā€™m connecting from my Windows desktop with my regular user account to many Windows Servers with my admin account. (Also these are internal servers) ā€“ leeand00 Jan 30 '20 at 16:18
  • That explains your situation more, but still misses my question. The trouble is that there is no such thing as "safe". Only, "safe enough". To answer that, it's important to know what you are securing and from whom. Are you worried about local attackers? Remote attackers? Are you securing your address book or the nuclear launch codes? In other words: [what is your threat model](https://security.stackexchange.com/questions/225012/what-is-a-threat-model-and-how-do-i-make-one)? ā€“ Conor Mancone Jan 30 '20 at 18:20

0 Answers0