Scribd
Upload
323 views7 pages

AnyDesk Secondary Passwords HowTo

Uploaded by

alisafaie
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
323 views7 pages

AnyDesk Secondary Passwords HowTo

Uploaded by

alisafaie
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Secondary passwords

and permissions
Legal notice
Technical specifications are subject to change without notice. Transmittal,
reproduction, dissemination and/or editing of this document as well as
utilization of its contents and communication thereof to others without
express authorization from AnyDesk are prohibited. Offenders will be
held liable for payment of damages. All rights are reserved.

This document is intended to explain how to set up secondary passwords


and their permissions.

AnyDesk Software GmbH Managing Directors/Geschäftsführer: Ph. Weiser, A. Mähler

Türlenstraße 2 Company Register/Handelsregister: Amtsgericht Stuttgart - HRB 748838

70191 Stuttgart, Germany VAT-ID/Umsatzsteuer-ID: DE 294776378

© 2020, AnyDesk Software GmbH. All rights reserved.


anydesk.com
© AnyDesk Software GmbH, 2020 Windows Group Policies – 07/2020 | 1

Notices

This document is for informational purposes. It represents Any Desk's current product and practices as of the date of issue
of this document, which are subject to change without notice. Customers are responsible for making their own independent
assessment of the information in this document and any use of AnyDesk's products or services. This document does not
create any warranties, representations, contractual commitments, conditions or assurances from AnyDesk, its affiliates,
suppliers or licensors. The responsibilities and liabilities of AnyDesk to its customers is controlled by agreements, and this
document is not part of, nor does it modify, any agreement between AnyDesk and its customers.

AnyDesk is designed to be connected to and to communicate via a network interface. Customer shall establish and maintain
any appropriate measures (such as but not limited to the application of authentication measures, encryption of data, etc.)
to protect the product, the network, its system and the interface against any kind of security breaches, unauthorized access,
interference, intrusion, leakage and/or theft of data or information. AnyDesk is not liable for damages and/or losses related
to such security breaches, any unauthorized access, interference, intrusion, leakage and/or theft of data or information.

In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and
continuously maintain – a holistic, state-of-the-art security concept. AnyDesk provides such concept. You are responsible
for preventing unauthorized access to your systems, machines and networks which should only be connected to an
enterprise network or the internet if and to the extent such a connection is necessary and only when appropriate security
measures (e.g. firewalls and/or network segmentation) are in place. For additional information, please contact visit
https://anydesk.com. AnyDesk recommends applying updates and to use the latest available version. Use of versions that
are no longer supported, and failure to apply the latest updates may increase your exposure to cyber threats.

© AnyDesk Software GmbH, 2020


Technical specifications are subject to change without notice.
© AnyDesk Software GmbH, 2020 Windows Group Policies – 07/2020 | 2

Contents

Notices............................................................................................................................................................................................. 1

Generating secondary passwords ........................................................................................................................................ 3

Permissions tied to a secondary password ....................................................................................................................... 5

© AnyDesk Software GmbH, 2020


Technical specifications are subject to change without notice.
© AnyDesk Software GmbH, 2020 Windows Group Policies – 07/2020 | 3

Secondary passwords and permissions – How-to

Secondary passwords are a new addition to Unattended Access allowing to use different sets of permissions for
each of the passwords. Note that a secondary password cannot be saved as a permanent token.

Generating secondary passwords

To generate secondary passwords, follow this link:

https://my.anydesk.com/password-generator

Fig. 1 Password generator in my.anydesk.com

On hitting the “Generate”- button, a hash and a salt will be shown, the two parts technically representing a
single secondary password. To distribute secondary passwords via Group Policies the value for key
Anynet.SecondaryPwdHashesAndSalts must contain pairs of hash and salt, both belonging to the same
password, according to the following format:

hash1:salt1;hash2:salt2;hash3:salt3;

© AnyDesk Software GmbH, 2020


Technical specifications are subject to change without notice.
© AnyDesk Software GmbH, 2020 Windows Group Policies – 07/2020 | 4

Fig. 2 Group Policies Option Anynet.SecondaryPwdHashesAndSalts

In this example three secondary passwords have been configured. Note that the hashes and salts listed here are
of course only placeholders for their real counterparts and must be replaced by real values in order to make
secondary passwords work.

© AnyDesk Software GmbH, 2020


Technical specifications are subject to change without notice.
© AnyDesk Software GmbH, 2020 Windows Group Policies – 07/2020 | 5

Permissions tied to a secondary password

By default the set of permissions tied to a secondary password is empty. Permissions granted to a user using a
secondary password must be specified explicitly. If this is not done, the user will be able to connect to the target
device but no permissions will be granted.

In order to set up permissions for a secondary password, its hash and a set of permissions must be listed for key
Security.PasswordsPermissions according to the following format:

hash1:perm_a,perm_b,perm_c;hash2:perm_b;hash3:perm_d,perm_e;

Fig. 3 Group Policies option Security.PasswordsPermissions

In this example permissions for three secondary passwords have been defined. The first password is tied to
permissions A, B and C, the second one is tied to permission B and the third password is tied to permissions D
and E. Note that the given example only contains placeholders for the real hashes and permissions and must be
replaced by the real values in order to make secondary passwords work.

© AnyDesk Software GmbH, 2020


Technical specifications are subject to change without notice.
© AnyDesk Software GmbH, 2020 Windows Group Policies – 07/2020 | 6

The following permissions are supported and can be used to replace the aforementioned placeholders for
permissions.

Permission name Allow to ...

control_input control input


hear_audio hear audio
sync_clipbrd synchronize clipboards
clipboard.files transfer files via the clipboard
block_input block input
file_manager use the File Manager
lock_account lock the user's account
record_session record the session
whiteboard draw on the screen
tcp_tunnel create TCP tunnels
privacy_feature use the Privacy Mode
sysinfo request system information
restart restart the device from remote

Fig. 4 List of possible permissions

© AnyDesk Software GmbH, 2020


Technical specifications are subject to change without notice.

You might also like