HOW TO

How To Disable the Save Username and Password checkbox when creating a new database connection in ArcGIS Pro

Last Published: September 12, 2023

Summary

Instructions provided describe how to disable the Save Username and Password checkbox on the New Database Connection dialog box so that this setting cannot be persisted in database connection files. This prevents a user from connecting to data they should not have access to, even if they are provided with a database connection file.

In ArcGIS Pro, the default behavior is to allow saving of credentials within database connection files. Adding an entry to the registry disables this functionality.

Esri recommends against storing database-level credentials in SDE connection files. Instead, customers should utilize their operating system authentication pass-through (such as Active Directory), which means no credentials need to be stored in SDE with this configuration.

This recommendation is not based on factors such as the encryption strength of ArcGIS Pro's connection to a database. Instead, this recommendation is based upon a user's ability to distribute database connection files to other users, who would then be able to access the content under the connection creator's account credential context. Saving credentials in a database connection file precludes the possibility of non-repudiation. Strong access controls, such as those requiring the use of a centralized authentication and access control system like Active Directory or LDAP, can help mitigate this risk.

Regarding file transport concerns, please see the following information available on our ArcGIS Pro best practices page.

If you have similar questions in the future, please search the ArcGIS Trust Center, as much of this information is available there.
 
For additional questions or assistance with secure deployment scenarios, we recommend contacting Esri Professional Services, as we have many resources and options to assist with your requests.

Procedure

Warning:   
The instructions below include making changes to essential parts of your operating system. It is recommended that you backup your 
operating system and files, including the registry, before proceeding. Consult a qualified computer systems professional, if necessary.

Esri cannot guarantee results from incorrect modifications while following these instructions. Therefore, use caution and proceed 
at your own risk.

The availability of the Save Username and Password checkbox is determined via a Windows Registry setting.
Follow these steps to disable saving credentials in an SDE connection file:

Create a key called "DisableUsernamePasswordCheckBox" of type DWORD

  1. As an administrator, click Start > Run, type regedit, and press Enter.
  2. In the Registry Editor, drill down to HKCU\Software\ESRI\ArcGISPro\Settings.
  3. Create a new DWORD value named DisableUsernamePasswordCheckBox, as shown in the next image.
image.png
  1. Set the value of the DWORD to 1, as shown in the next image, and click OK.
image.png
  • Setting the value of the registry setting to 1 disables the Save Username and Password checkbox. A value of 0 or any other value results in the default behavior; the checkbox is enabled.

    Once set, the checkbox is disabled, as shown in the next image.

Once completed you should see that the new connection files no longer prompt you with the option of saving credentials.

Article ID: 000021304

Software:
  • ArcGIS Pro

Receive notifications and find solutions for new or common issues

Get summarized answers and video solutions from our new AI chatbot.

Download the Esri Support App

Discover more on this topic

Get help from ArcGIS experts

Contact technical support

Download the Esri Support App

Go to download options