Flexible Options for Hiding Passwords

Hi Everyone,

Thought we’d share another little feature with you which might not be so obvious to you. On each of the Password Lists screens, there is a ‘Password’ column which shows the masked password and provides a image for you to click on copy the Password to the clipboard – see image below. Did you know there are three options for how long the Password will stay visible on the screen when you click the masked password text? Read on below to find out about each of the three options:

Masked Passwords
To find the option to change how quickly the Passwords will be hidden (masked), visit the page Administration -> System Settings -> Password Options Tab.

Option 1 – Hide Based on a Set Time
Regardless of the length or complexity of the Password, you can hide the Password based on a set time interval – in seconds.

Hide Password Based on Set Time

Option 2 – Hide Based on Complexity of the Password
As you’re aware, each Password is deemed to be of a certain ‘Strength’, and this strength can differ depending on which ‘Password Strength Policy’ is assigned to the Password List. You can set a specific time interval for each of the 5 different Password Strengths – Very Poor, Weak, Average, Strong & Excellent

Hide Password Based on Complexity

Option 3 – Hide Based on Password Length
It can be very difficult to read an unmasked Password in it’s entirety if it is a long password – more than likely it will be hidden before you’ve finished typing the password into a different screen somewhere. To overcome this, you can hide the Password based on different set time intervals, for three different Password Lengths – of which, all can be customized to your liking. Note that Length 3 is greater than or equal to, whereas the other two options are less than or equal to. This means you should set  Length 3 to be one value greater than Length 2.

Hide Password Based on Length

We’ll keep posting tips like this for our Password Management Software, and please leave us some comments if there’s anything specific you would like us to explain.

Regards
Click Studios

Passwordstate 5.5 Released

Hello Everyone,

Click Studios is very pleased to announce the availability of Version 5.5 of Passwordstate with 30 new features, updates and bug fixes in total. Notable changes are:

  • Added Authorized Web Server functionality whereby you must now specify which web server names are hosting the Passwordstate web site. This mitigates against database theft, and hosting in an untrusted environment
  • A new Delta Permissions Email Notification report which alerts Password List Administrators of prior and post permission changes to Password Lists
  • You can now choose to send all Auditing data to a syslog server
  • Enumerated Password Permissions Report which shows access for all users accounts, even if permissions were applied via security group membership
  • Secondary authentication options for securing access to Password Lists and navigation Tabs
  • User must provide reason for accessing password value – either copy to clipboard, or view on screen
  • One-Time Access is now possible for password records – as soon as a password is viewed or copied, the user’s access is removed

You can download the latest release from here – http://www.clickstudios.com.au/downloads/passwordstate.zip, or watch the following short video showing some of the new features.

Time-Based Access to Passwords and Passwordstate

A couple of features we’ve had for quite some time now is Time-Based Access to Passwords, or to Passwordstate itself. To start with, we’ll show you time-based access to Password Lists:

Time-Based Access to Password Lists

When applying permissions to a Password List, you will notice a tab called ‘Time Based Access’. By clicking on this tab you can set the access to expire automatically at a specific time, or by a certain number of days, hours and minutes into the future.

After you have set the expiry date for the access, a new icon will be shown in the ‘Expires’ column of the Password Lists Permission page:

The Passwordstate Windows Service checks every one minute if any access has expired, and removes permissions if appropriate.

Time-Based Access to Passwordstate

Another useful feature is to automatically remove or disable a user’s account in Passwordstate at a set time. The screen for configuring expiry of an account is similar to the one for Password Lists, except this time you can also choose to disable or delete the user’s account.

This feature is very useful if you have contractors working in your organization, or if you have an employee leaving at a known time.

Regards

Click Studios

Passwordstate – Password Management Software

Passwordstate 5.3 Released

Hi All,

Click Studios is pleased to announce the availability of Version 5.3 of Passwordstate, which includes 13 new features, 8 enhancements & 12 bug fixes. Notable changes are:

  • We’ve introduced a new feature called Emergency Access. This access is only meant to be used when other forms of user authentication are not possible i.e. AD is unavailable, or users are unavailable
  • Recycle Bin for deleted passwords. You can now restore deleted passwords from the recycled bin if required
  • You can now specify which users (all, none, individuals or security groups members) can create Password Lists, Password Folders, Administer Password List Templates, or request access to passwords
  • Provided the feature whereby you can link passwords copying them between Password Lists – all details are synchronized between Password Lists
  • Multiple Password Generator options are now possible allowing you to assign each Password Generator to different Password Lists
  • User can now choose exactly which email notifications they would like to receive or suppress
  • You can now synchronize the enabled/disabled status of an Active Directory account in Passwordstate
  • When an Active Directory account is deleted, you can now either choose to delete, disable or ignore the matching user account in Passwordstate
  • Modify permissions for Password Lists now has the following options – Add, Edit or Delete passwords
  • When users has ‘Guest’ access to a Password List, you can now choose to allow them to also create new password records
  • You can now choose to receive a Daily Audit Report via email showing the past days activities for the Password Lists you have access to
  • Provided the option to disable the feature which allows you to purge all auditing records
  • Provided option to View or Email another user a direct link to a Password record

You can download the latest release from this location http://www.clickstudios.com.au/downloads/passwordstate.zip, and upgrade instructions are included in the download.

Regards
Click Studios