I don't know what version, but sometime with a recent update when you enter a username and password in CBB for a NAS drive, it is now caching that credential for Windows.
To explain further, I setup shares on NAS drives separate from Active Directory so that by default, you can't access it unless you put in a username and password.
I just setup a new server on CBB and the first thing I did was verify that the share was not accessible in Windows. I entered the path in Windows Explorer and I was prompted for a username/password. I did not enter anything, just canceled out of the prompt.
I then setup the NAS device in CBB so I can use it for hybrid backups. Once I set it up in CBB, I went back to Windows explorer and I can now access the backup share without any password prompt. So somehow CBB is caching those credentials for use within Windows.
This is a problem and it did not happen in older versions of CBB. The reason it is a problem is if it's caching the credentials for Windows users, it puts the NAS drive at risk for ransomware to encrypt. Previously after setting up a NAS drive like this, I would have to enter network credentials if I wanted to access it in Windows even if CBB had the credentials and was able to access it.
Thanks for the feedback.
I would need the following to transfer this to our R&D:
1) Enable High-level logging via tools > options > Logging.
2) Reproduce the steps mentioned in your post.
3) Send us the logs via tools > diagnostic menu with the link to this thread in the issue description.
Make sure you're doing all of the above on version 6.1.3.9.
I'll contact you in the ticket once I receive all this info.