Pros and Cons of Remote Session Launchers

Passwordstate has 2 first-in-class Remote Access Solutions, a Browser Based Launcher and a Client Based Launcher.  These are included with all current versions of the core Passwordstate product and at no additional cost.

The key advantage for these built-in launchers is the use of Remote Session Credentials.  This enables automatic authentication to your remote hosts, removing the need for users to have to manually enter credentials. This feature is especially useful for enabling contractors or vendors accounts to be configured for authenticating to hosts without having to have access to the password record.

Both the Browser Based and Client Based launchers operate the same way in relation to protecting your credentials through encryption.  When credentials are retrieved from Passwordstate they are encrypted, sent to the Remote Session Launcher utility/gateway, decrypted and passed to the remote client.

First Time Installation and Manuals

To access the installation instructions, and install either the Client Based Launcher or Browser Based Gateway, simply navigate to Help->Remote Session Management.  From there you’re presented with the option to Install/Configure either the Launcher or the Browser Based Gateway,

and, just to point out what some people may think is obvious, when you’re Installing and configuring the Client Based Launcher… the PowerShell and .Net Framework requirements need to be on the Client PC, and the installer itself needs to be run on each Client PC that will use the Launcher,

Browser Based Launcher

Once installed, the Browser Based Launcher settings, including the Gateway settings and the installer for the Browser Based Gateway are located under Administration->Remote Session->Management,

The screen above includes a high level description of the features found in this Remote Session Launcher.  Providing greater detail on these, the Pros associated with this Launcher are;

Operating System Independence:  As the Browser Based Launcher runs from within your browser you largely have operating system independence.  This makes it not only quick to deploy but also extremely versatile, as there is no client software and associated compatibility issues, required to be installed on each user’s personal computer. 

Supports RDP and SSH Sessions:  RDP (Remote Desktop Protocol) is the most commonly used protocol for connection through to Windows based servers and PCs.  RDP clients also exist for Linux, Unix, macOS, iOS and Android operating systems.  SSH (Secure Shell Protocol) is a commonly used protocol for operating network services securely over an unsecured network.  It was designed for Unix style operating systems as a replacement for Telnet and unsecured remote Unix shell protocols.  Through RDP and SSH support the majority of an organizations computing and infrastructure fleet can typically be accommodated

Session Recording and Playback: This is a significant feature allowing for the recording and playback of initiated RDP and SSH sessions to remote hosts.  The feature is configurable on a per host basis and recorded sessions can be retained indefinitely or automatically purged after a preconfigured number of days.  The recorded sessions capture what is presented to the screen, allowing you to review what commands are typed/opened and the resultant screen updates.

The only real downside for the Browser Based Launcher is that it its support is limited to RDP and SSH sessions, and, that recordings of sessions are produced in a proprietary and highly compressed format which can only be reviewed within the Passwordstate UI (User Interface).

Client Based Launcher

Again, once you’ve installed the Client Based Launcher on each PC, and have setup the appropriate Remote Session Credentials you can start using the Client Based Launcher,

The screen above includes a high level description of the features found in this Remote Session Launcher.  Providing greater detail on these, the Pros associated with this Launcher are;

Support for select 3rd Party Software:  This enables you to continue to use existing investments in products, training and processes in software such as VNC (Virtual Network Computing), Teamviewer and others.  This is offered in Passwordstate for those organizations that heavily use those select 3rd party solutions for other use cases, such as shadowing users when providing training, or for Help Desk Support.  It enables your support teams to use a consistent tool set for all use cases and maximize the return on investment associated with that software.

Local Initiation:  Each launcher is initiated from the client PC.  This can be important in situations where existing 3rd party toolsets have already been installed on those PCs and/or support devices are operated in a high mobility environment (such as work from home/work from office arrangements).

The two downsides associated with this Launcher is that software needs to be deployed to each PC requiring it.  While this isn’t an issue if you’re already deploying the select 3rd Party Software for other purposes, it may be an issue if you’ve just getting around to purchasing it now (you should seriously consider the free Browser Based Option).  The second downside is there is no centralised Passwordstate Session Recording option available.

What’s Our Recommendation?

Firstly, every organization should match the capabilities offered with Passwordstate to their own requirements.  This is really the only way to ensure that capabilities that you plan to rollout match the requirement and use cases within your organization. 

Secondly, and from a purely biased point of view, the Browser Based Launcher option is hard to beat.  No cost or deployment hassles, support for RDP and SSH protocol, and the ability to setup Session Recording for playback later make this our own go to for a Remote Session Launcher (and I did say it was a biased view).  

If you’d like to share your feedback please send it through to