With Passwordstate you can track passwords for individuals, or create Shared Password Lists to be shared amongst multiple people.
Password HistoryChanges to passwords, and associated account details, are kept for the life of the record.
Password ComparisonCompare history records for changed passwords, visually showing changes to fields.
Real-Time Password Change NotificationUsers can elect to receive email notifications when passwords are added, editing or deleted from a Shared Password List they have access to.
Import and Export PasswordsEasily import or export lists of passwords for either safe storage outside of Passwordstate, or to reduce the amount of time adding new passwords.
Secure Access to Shared Password ListsShared Password Lists are controlled by granting access only to the individuals requiring access. The ‘List Administrator’ role provides granular control over who has access, and who can modify a shared list.
Expiring Passwords ManagementView expiring passwords in a calendar view, or elect to receive an expiring passwords report either daily, weekly or monthly.
Password AuditingView real-time changes to personal or shared passwords.
The ‘Administration’ area of Passwordstate provides Security Administrators a set of tools for managing and reporting access to Passwordstate, and various governance related features.
AuditingEnd-to-end auditing reporting on 23 different types of events within Passwordstate, including which user made the change, and the IP Address of the computer they made the change from.
Customised Email TemplatesAll emails generated from within Passwordstate can be customised to your liking, and can be enabled/disabled as required.
Shared Password List ReportingSecurity Administrator’s can now see and administer all Shared Password Lists. The passwords for the shared lists are not visible, unless the Security Administrator has elected to allow passwords to be exported as part of the export feature.
Password Strength PolicyAllows Security Administrators to specify criteria for reporting on the strength of passwords within Passwordstate. This provides users with visual representation of password strength, either when entering passwords, or in each of the grid views.
2nd Level Password ProtectionTo further secure the Administration area of Passwordstate, additional 2nd level password protection can be enabled.
Multiple Active Directory Domain SupportPasswordstate supports multiple Active Directory domains and forests, allowing importing of users, and cross domain authentication. User accounts can also be imported/exported from CSV files.
User Acceptance PolicySecurity Administrators can elect to prompt Passwordstate users with a customised User Acceptance Policy, outlining to usage principles for Passwordstate. This policy can be a mandatory, requires acceptance from the user, or you can elect not to have a policy at all.
Passwordstate 4.2 ensures the integrity of your sensitive data, by securing the back-end from system administrators, and the front-end from unauthorised access.
Encryption and ObfuscationTo protect the privacy of sensitive data, all passwords are stored within the database using 256 Bit AES Encryption, and sensitive code is protected by the use of precompiled ASP.NET pages and obfuscated .NET Assemblies. No longer can web or database administrators gain access to data they are not authorised to view.
Unique Initialisation VectorEvery instance of Passwordstate generates its own unique Initialisation Vector for encrypting data.
Automatic Logout PeriodAn Automatic Logout Period can be specified for inactive sessions i.e. if a user leaves Passwordstate open on the screen, it will be automatically logged out once the logout period is reached.
Integrated Windows AuthenticationIntegrated Windows Authentication provides a greater level of secure access to Passwordstate
Optional Two-Factor Authentication for Administration AreaSecurity Administrators can enforce a secondary login into the Administration area, protecting against System Administrators logging onto the Active Directory domain using the Security Administrators domain account, and gaining access to the Administration area of Passwordstate.
With multiple Active Directory Domain support, and built on Microsoft's web and database platforms, you can scale your solution from a single user to the enterprise.
Role-based access permissions in Passwordstate ensures only authorised access to sensitive data is possible, and governance of Passwordstate usage is well managed. Passwordstate has 4 key roles:
Receive real-time email notifications when shared passwords change, and view auditing information for events relating to your access control.
For a list of audit events within Passwordstate, please click here - Audit Events
Passwordstate leverages the investment your have made in your Active Directory implementation, and fully supports multiple Active Directory domains and forests.
In addition to importing user credentials direct from Active Directory, Passwordstate also uses the authentication mechanism inherent to Active Directory & Internet Information Services.
End-to-end reporting ensures the governance of your enterprise's passwords are well managed, and reported when required. The following types of reports are available within Passwordstate:
Flexible pricing for all size businesses.
