DC 5.9 Disabling Remember me
Context:
The DAM Center has implemented Remember me functionality by adding the user's credentials to a cookie. That is a security flaw, although probably not that serious.Ā
Solution:
A new config meta field has been added to Config parameters: "Enable Remember me".
Its default setting is true, i.e. Remember me is till enabled out-of-the-box.Ā
If you have a client that's very strict with their IT security, you can then disable Remember me by removing the check mark.Ā
Impact:
There's not much of an impact, as the user still has a session in the API, i.e. refreshing the DAM Center website doesn't log the user out.Ā
Most browsers have an option to remember a user's credentials, either built in or via extensions.