Bypass Privacy Shield with feature "Break the Glass"
  • 18 Apr 2023
  • 1 Minute to read
  • Contributors
  • Dark
    Light
  • PDF

Bypass Privacy Shield with feature "Break the Glass"

  • Dark
    Light
  • PDF

Article summary

Broken Glass 2.png

This feature is available in versions 4.10 and up (failover or logging in if Privacy Shield not working)

HKEY_LOCAL_MACHINE\SOFTWARE\HealthCast\eXactACCESS]
"SDAuthEnabled"=dword: 00000001
"LAORAuthEnabled"=dword: 00000001

The following are possible setting combinations that could be implemented using the above registry keys:

SDAuthEnabled = 0

No failover provided. If the server is down, the user is unable to authenticate and may not bypass the privacy shield (Default behavior)

SDAuthEnabled = 1
LAORAuthEnabled = 1

After a server-down scenario is detected, XA attempts to authenticate "locally" by performing a local login. This can use Windows-cached credentials. If Local login fails, the user cannot authenticate and may not bypass the privacy shield.

SDAuthEnabled = 1
LAORAuthEnabled = 0

  • After a server-down scenario is detected, XA attempts to authenticate "locally" by attempting to verify the user's password if they are already logged into XA.

  • If the user fails to provide the same password as the current user, the login fails, and the user is unable to authenticate and may not bypass the privacy shield.

  • If there are new credentials provided for a different user or no user is currently logged into the XA session, the new user may provide any credentials to unlock the current session, bypassing the privacy shield.


Was this article helpful?

What's Next