Don’t let them store their user name and password against their connection profile, thus making them type it in each time they connect.

To Disable the Option to Store Credentials in Profiles:

When you create a connection profile, the Connection Profile Wizard provides, by default, a check box named Save user ID and password in this profile. If a user selects this check box, then the user’s ID and password are stored in the user’s connection profile on the local file system. Saving the ID and password in the profile allows users to reconnect in the future without entering these values again.

Follow these steps to remove the Save user ID and password in this profile check box from the Connection Profile Wizard and require the manual entry of credentials:

1. On the host of the SAS Metadata Server, open in a text editor the file omaconfig.xml.
2. Change the value of the option SASSEC_LOCAL_PW_SAVE from 1 (or Y or T) to 0 (or N or F).
3. Save and close the file.
4. Restart the SAS Metadata Server as directed in the SAS Intelligence Platform: System Administration Guide.

After you change the setting for this option and restart the metadata server, each client uses the previous setting for its first connection. The client then discovers the revised setting and conforms to that revised setting for subsequent connections.

If you change the setting to disallow saved credentials, and credentials are already present in a user’s connection profile, those credentials must be manually removed.

So you will have noted that you need to do this when you first install or they will have their username.password stored the first time they tick the store details box.

And of course if you have a need for a high level of security then this change is probably a good change.