Avoiding User Credential Sharing

I want to know how Quicksight handles/avoids credential sharing.

For example: What if I create a reader and this reader shares the credentials with someone else?
Now one person accesses dashboards through say Google Chrome and the other person uses the same credentials and starts a new session through Safari.
Does this get handled and avoided automatically?

We want to ensure that nobody should be able to use the same credentials for starting multiple sessions.
Want to know if the reader is automatically logged out of a session if another session with the same credentials begins elsewhere?

Hi @Shambhavi - Good question. I do not think so, same user can logged into QS via multiple browser with same credentials. I believe user should NOT share their security credentials, its a violation at first level only and in cloud security is a shared responsibility.

However we should request whether we can implement any security posture from QS level or not. Let’s hear from other experts @David_Wong @Max @Koushik_Muthanna

Regards - Sanjeeb

1 Like

To test this myself, I opened my account in Google Chrome and Safari at the same time and it did let me do so. So I am a little more concerned now as to how can we avoid this.

@Shambhavi, since in this scenario user is willingly sharing their credentials with another person, that person has valid credentials to access QuickSight content and can access QuickSight. If you want to restrict/monitor such scenarios, you have couple of options 1/you can use CloudTrail monitoring since QuickSight is integrated with CloudTrail, 2/ Use IP restrictions to control access to Amazon QuickSight