Passwordstate is an internally hosted web-based solution for secure management of passwords, where teams of people can access and share sensitive password resources.
Role based administration and end-to-end event auditing, provides a secure platform for password storage and collaboration. 256bit AES data encryption, code obfuscation and enterprise scalability makes it the Enterprise Password Manager of choice.
Password Sharing for Teams of People
Share Passwords across teams of people by applying read only, modify or admin permissions. Permissions can be assigned to individuals or to security groups.
Update Passwords in Active Directory & Windows Servers
As passwords are updated in Passwordstate, you can also update the corresponding passwords in Active Directory or on Windows Servers.
Role-Based Access Control
Passwordstate is built upon the concept of role-based access. This includes access to password information, administering the Passwordstate application, and various features within Passwordstate. Read More.
Multiple Authentication Options include Two-Factor Authentication
19 different authentication options, including Active Directory Integrated, Forms-Based, two-factor authentication using RSA's SecurID, Scorpion Software' AuthAnvil, Google Authenticator, Duo Push, One-Time Password, SafeNet Cloud or On-Premise, and ScramblePad Authentication. Read More.
Application Programming Interface (API)
Integrate the Passwordstate API into your own applications, eliminating hard-coded passwords. Write your own scripts or code to retrieve, update and add passwords to the system, and maintain standard auditing & real-time notifications through-out the process.
You can view the methods available in the API here - API Documentation.
Automatic Password Rotation
Set a schedule for automatically resetting expiring passwords, and synchronize the resets between Passwordstate and Active Directory, or any local accounts on Windows Servers.
Every historical change made to a password's detail is recorded, including who made the change. When viewing historical information for a password record, you can cycle through the changes on the screen with the changes being highlighted to you.
Prevent Password Reuse
Adopt consistent Password Management practices with the use of Password Policies, and enforce various settings such as Prevent Password Reuse.
Each user can save their own Password Generator options, or Password Lists can have specific Password Generator options assigned to it. Plenty of options are available including alphanumerics, word phrases, length, special characters, brackets, case sensitive, etc.
Time-Based Access to Passwords
There are multiple options available for time-based access within Passwordstate. This includes access to password information, or to the Passwordstate application itself - set an expiry date and access will automatically be removed. You can even remove someone's access to a password record the next time the password itself is changed.
Provide one time access for users to password records, and automatically remove their access once the password is viewed or copied to the clipboard.
Send Auditing Data to Syslog Servers
In addition to the comprehensive auditing features in Passwordstate, you can also send auditing data to a syslog server if required.
Password List Templates
Ease the management of multiple password record types with the use of pre-saved Password List Templates.
Mobile Client Support
Need access to your password resources when you're out of the office? Use the Passwordstate Mobile Client which supports iOS, Android, Windows 8 Phone and Blackberry mobile platforms.
Password Strength Indicators
One of the most important aspects about a password is how strong the password is deemed to be. In Passwordstate you can have multiple Password Strength Policies, which can be assigned to different Password List. As the user enters a password, it will show them visually how strong the password is.
Every Password List can have up to 19 different customized fields, 10 of which are Generic Fields which can be of type Text Field, Free Text Field, Password, Select List, Radio Buttons or Date Picker.
Passwordstate has 54 different built-in email notifications. These can be customized or disabled by the Security Administrators of Passwordstate, and each user can specify which email notifications they would like to receive. Read More.
Account & Security Group Synchronization with AD
If required, Passwordstate can tightly integrate with Active Directory. This includes authentication to the Passwordstate web site, and account and security group memberships' synchronization. Options are available to delete or disable account status, depending on the status within Active Directory.
Auditing & Compliance Reporting
93 different events within Passwordstate are audited, with each of them being reportable by different roles within Passwordstate. This level of auditing facilitates compliance to various regulatory acts such as Sox & PCI DDS. Read More.
Expiring Passwords Management
Every password record can have an expiry date set, and then users can be reminded via email reports, visually on the screen, or via the Expiring Passwords Calendar view.
Configurable Password Hiding
By default passwords are masked on the screen with the standard characters ******. By clicking on these characters the password will be displayed. There are multiple options available for how long we wait until the password is again hidden, including a set period of time, based on Password Complexity or Password Length.
You can educate your users on the use of Bad Passwords, as Passwordstate includes almost 500 Bad Passwords which shouldn't be used. This list is configurable, and if a user enters a Bad Password they are informed they should choose a different one.
To mitigate against people leaving their screens unlocked with Passwordstate being visible, an automatic logout period can be set for inactivity.
Audit Log Tamper Detection
Detect and report on any manual modifications to Audit Logging within Passwordstate.
Emergency Access (Break Glass Access)
In the unlikely event all of your Active Directory domain controllers or IT Staff are unavailable, Passwordstate has an Emergency Access option if you choose to use it. Every aspect to this feature logs audit events and sends email notifications, even simply browsing to the hidden login page. The intention is to print out the Emergency Access details and store away safely somewhere i.e. secure safe.
If you have some frequently used Passwords, you can tag them as your favorite with a list of them being available on the default 'Passwords Home' page.
Upload documents and associate with individual Password records, or with entire Password Lists.
Import & Export Passwords
Multiple options are available for either importing or exporting passwords to csv files, depending on the permissions you have been granted. When importing passwords, you can first test the import to ensure the expected format is met.
Bulk Password Updates
The Bulk Update feature allows you to export all passwords records for a Password List to a csv file, make as many changes to the csv file as you like, then re-import and update the existing records.
Multi-Region Date Support
Passwordstate supports multi-region date formats so cross continent users can all share the same instance of Passwordstate.
As Password values are copied to the clipboard, you can set the amount of time before the clipboard is automatically cleared.
Additional Authentication for Password Lists
Further secure access to Password Lists by requiring an additional authentication step before passwords can be retrieved. Choose any one of the 9 different authentication options.
Secure Code & Data
To protect the privacy of sensitive data, all passwords are stored within the database using 256 Bit AES Encryption, and sensitive code is protected by the use of precompiled ASP.NET pages and obfuscated .NET Assemblies.
With multiple Active Directory Domain support, and built on Microsoft's web and database platforms, you can scale your solution from a single user to the enterprise.
With the optional High Availability module, users are able to perform all normal operations within Passwordstate, except those which add or update data in the database. Its purpose is to provide you access to view your passwords in the event your production installation becomes unavailable for whatever reason.
In Passwordstate you can logically organize your Password Lists into Folders. On occasion you may need to have the same password visible across multiple Password Lists. This is possible by copying and linking the password record, and every change is reflected across each of the Password Lists.
Allowed IP Ranges
Restrict which IP Addresses or Subnets can access the Passwordstate web site or API.
Automatic Backups and In-Place Upgrades
Set and forget automatic backups of all web and database files, and In-Place Upgrades directly from within the Passwordstate web site.
User Account Policies
Manage a specific set of settings for a groups of users at a time. The settings relate to various User Preferences, and how the Password Lists, Password Folders and Home Page screens appear to the user.
Active Directory Actions
Process various actions for Active Directory or local accounts in Windows Servers - Disable, Enable, Unlock & Password Reset Required on Next Logon.