Autostart for Portable app #235
Description
Please set the default autostart (auto-launch) option for the portable app to off by default.
This behavior needs to change as it is flagged by EDR as malicious. A portable app running from appdata temp, creating a persistence mechanism using the registry run key? That’s a red flag. It is rightfully causing alerts on the EDR.
It is good that you have a portable app that can run in corporate environments for users without admin privileges. But the corporate cybersecurity team is notified when an app decides to create an auto start entry in the registry, especially if running from userspace like from appdata / temp.
As mentioned in #89 and #90 and maybe other issues... there is hardly a good reason to autostart the OnlyKey app (unless provisioning several OnlyKeys is a daily task), so no need to have the autostart enabled by default.
A portable app should strive to not write to the registry, if at all possible. Not as an installed app, and not for autorun either.