Starting with version 12.9, Kaspersky Endpoint Security for Windows includes the Management of temporary passwords functionality. Management of temporary passwords lets you perform the following actions:
Management of temporary passwords updates the status of the password and revokes the password only after synchronizing the computer with Kaspersky Security Center.
Open the Kaspersky Security Center Administration Console.
In the Managed devices folder in the Administration Console tree, open the folder with the name of the administration group to which the relevant client computers belong.
In the workspace, select the Devices tab.
Double-click to open the computer properties window.
In the computer properties window, select the Applications section.
In the list of Kaspersky applications installed on the computer, select Kaspersky Endpoint Security for Windows (12.9) and double-click to open the application properties.
In the application settings window, select General settings → Interface.
In the Password protection block, click the Settings button.
This opens a window; in that window under Temporary password, configure the storage settings for expired passwords.
Click List of temporary passwords.
Management of temporary passwords window opens. Management of temporary passwords displays the expiration date of the password, the status of the password, and the list of permissions.
Select the active temporary password that you want to revoke and double-click the password to open its properties.
In the window that opens, click the Revoke button.
Save your changes. To apply the policy on computers, close the padlocks .
In the main window of the Web Console, select Assets (Devices) → Managed devices.
Click the name of the computer on which you want to allow a user to perform a blocked action.
Select the Applications tab.
Click Kaspersky Endpoint Security for Windows.
This opens the local application settings.
Select the Application settings tab.
In the application settings window, select General settings → Interface.
Under Temporary passwords, configure the storage of expired passwords.
Click the Temporary password link.
Management of temporary passwords window opens. Management of temporary passwords displays the expiration date of the password, the status of the password, and the list of permissions.
Select the active temporary password that you want to revoke.
In the window that opens, click the Revoke password button.
Save your changes. To apply the policy on computers, close the padlocks .
As a result, Management of temporary passwords sets the status of the password to Revoking (synchronizing with a host). After synchronizing the computer with Kaspersky Security Center, the application revokes the temporary password and blocks the granted permissions immediately.
.
.