What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

How can I change the time until authentication on admin pages is required?

Votes:

0

I would like to adjust the time after which a user has to re-authenticate on PRTG system administration pages. Or, if possible, I don't want to be logged out from admin screens at all. How can I individually define the seconds until the credentials window appears on account settings and system administration or can I even stay logged in on admin pages all the time?

account-settings authentication logout prtg re-authentication reghack registry security settings system-administration

Created on Aug 5, 2014 3:34:16 PM by Gerald Schoch [Paessler Support]

Last change on Mar 2, 2015 5:27:42 PM by Gerald Schoch [Paessler Support]



1 Reply

Accepted Answer

Votes:

0

This article applies to PRTG Network Monitor 14.x.11 or later

Defining the Time until Re-Authentication is Required on Administration Pages

Among various security enhancements that come with PRTG version 14.x.11 and 14.x.12, one security improvement is the required re-authentication on administrative pages in the PRTG web interface. If you as the PRTG System Administrator use subpages of Setup | Account Settings or Setup | System Administration, PRTG requires that the last credential based login was less than 15 minutes (900 seconds) ago. If more time has passed since then, you have to re-login with your credentials in a dialog box before you can continue to work on the settings. This behavior secures the PRTG web interface against potential phishing attacks.

The default time for required re-authentication is 900 seconds. PRTG provides a registry key option to set this time depending on your needs. With a value high enough, you can also basically disable the automatic logout. Please follow the steps below.

Note: As PRTG System Administrator, you can set a time after which the web interface performs a complete logout automatically under System Administration | User Interface, section Website. This setting does not affect re-authentication on admin pages!

Steps to Go

Caution: Please back up your system before manipulating the Windows registry!

  1. Stop your PRTG core server.
  2. Open the registry editor and navigate to the following subkey:
    1. On a 64-bit Windows system, navigate to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Paessler\PRTG Network Monitor\Server\Webserver
    2. On a 32-bit Windows version, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Paessler\PRTG Network Monitor\Server\Webserver
  3. Check if the DWORD entry reauthafterseconds already exists. If not, restart the PRTG core server to create this entry automatically with the default value. Then stop the core server again.
  4. Right-click on the entry reauthafterseconds.
  5. Select Modify…
  6. In the Value field, enter an integer value to define the number of seconds after which re-authentication on admin pages will be required. Default is 900 seconds. Note: Choose Decimal base.
  7. Confirm with Ok.
  8. Start the PRTG core server to apply the changes.

With this registry key option, PRTG requires re-authentication on admin pages only after the number of seconds that you defined. You can define a very high value to basically disable the logout function on admin pages in PRTG. For example, use 9999999 seconds to sort of deactivate the automatic logout and stay always logged in.

Created on Aug 5, 2014 3:38:27 PM by Gerald Schoch [Paessler Support]

Last change on Mar 2, 2015 5:46:37 PM by Gerald Schoch [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.