Essential Compliance

Use Passwordstate to help your organization reach NIST, PCI DDS, HIPAA, NERC/CIP and SOX compliance. For an informational checklist on how Passwordstate can help with each of these acts, please click here Request Compliance Checklist

Access Management

Passwordstate has granular role based access, so segregation of access is possible. Read, modify and administrator permissions can be granted to Password Lists and individual Passwords, either to individual users or to members of a Security Group. Security Administrators (who administer the whole system) have 12 different access roles which can be applied.

Compliance reporting

Passwordstate records over 120 different types of audit events, all of which can be reported on when required. You can see a complete list of audit reports here - Compliance Reporting. For a full list of Reports and Audit events, please see 'Available Reports' further down on this page.

Real-time Email Notifications

Passwordstate has 56 different types of real-time email notifications, all of which help keep everybody informed about what's occurring in the system. You can see a complete list of Email Notifications here - Email Notifications.

Password Length and Complexity

As users create and edit passwords records in Passwordstate, they’re provided visual recommendations for how strong the password strength is based on policies set by the Security Administrators.

Tracking and reporting of password resets

Each password within Passwordstate can have an expiry date set, with reporting and email/visual reminders as a result. Automatic Password Rotation is also possible.

Password Reset Recommendations

When a user’s access to passwords is removed, a recommendation email is sent to each of the Password List Administrators recommending they reset the appropriate passwords.

SIEM Integration

In addition to the comprehensive auditing capabilities within Passwordstate, you can also integrate Passwordstate with your SIEM implementation for consolidated event correlation.

Pre-Defined Reports

49 different pre-defined reports are available, which can be run either on demand, scheduled, or execueted via our API. All scheduled reports can be delivered in either HTML or csv file format. Below are each of the reports, for each of the different categories:

User Reports
What passwords can a user see?
What passwords does a user still know?
What has a user been doing lately?
What Failed login attempts have there been?
Who hasn't logged in recently?
Who has one or more Security Administrator roles?
What Remote Sessions has a user been doing lately?
What user accounts are currently disabled?
What user accounts are set to expire?
Which users have logged in using the Emergency Access account?
What user account impersonation has been occurring?
What authentication option is applied for each user?

Password Reports
What passwords have failed Heartbeat?
What passwords have failed Reset?
What passwords require checkout?
What passwords are currently checked out?
What passwords require a Reason to be specified for access?
What passwords are expiring soon?
What passwords have recently been reset?
What password values have been reused?
What passwords have not been used lately?
What Passwords are not being synced?
Show Passwords configured for resets and their dependencies
Passwords Strength Compliance Status
Have I Been Pwned Compromises

Permission Reports
What permissions exist (all users and security groups)?
What permissions exist for a user?
What Permissions exist for a Security Group?
What permissions have changed recently?
What permissions exist for all shared password records (enumerated permissions report)?
What permissions exist for all Host Folders?
Who has been approved access to passwords recently?
Who has been denied access to passwords recently?
How many Administrators are there for each Shared Password List?
How many Administrators are there for each Password Folder?

Activity Reports
Remote Session Launcher Activity
Browser Extension Activity
Mobile Client Actviity
API Activity
Self Destruct Activity
Passive High Availability Module Activity

Miscellaneous Reports
Where are Privileged Account Credentials currently being used?
What security groups exist, and who are their members?
What Host records exist in Passwordstate, and what are each of their configuration items?

Document Reports
What documents have been uploaded into Password Folders?
What documents have been uploaded into Password Lists?
What documents have been uploaded into Password records?
What documents have been uploaded into Host Folders?
What documents have been uploaded into Host records?

Real-time And Scheduled Reports for Auditing Data

There are over 120 different audit events which are logged in Passwordstate, which can be reported against in real-time, or scheduled reports can be created for specific filtered events. Below is a list of the different categories: