Yes, we are concerned about key loggers. So, while users do technically have a password in AD, we only are allowing remote users to access with RSA token. However, even with Kerberos SSO, it still asks for the user's password. Bottom line is, we do not want users putting in their password on an unmanaged machine.
... View more