Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


support last won the day on April 24

support had the most liked content!

About support

  • Rank

Contact Methods

  • Google Plus Account

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

3069 profile views
  1. Hi Mark, Can you please run the following SQL statement below using SQL Server Management Studio, as this will clear the list for you. USE Passwordstate DELETE FROM [PR_BadPasswords] I tried copying this List to excel, and Excel even timeout out for over a minute before it was responsive. I'm not sure if there's a great deal we can do around performance for this, except I would recommend using our Password Policies instead - you can enforce the use on strong passwords, which would negate the requirement to check these "simple" passwords in the list. Regards Click Studios
  2. support

    Have I Been Pwned? Integration

    Hello Markeldo, We do plan on looking into this as an option at some stage, as soon as we can allocate some time to it. This may be quite a bit of work, as we need to consider everywhere Bad Passwords are used i.e. UI, API, Windows Service. We'd also need this to be an option, for customers who do not want to allow Passwordstate to communicate on the Internet. Regards Click Studios
  3. Hello, Yes, if you are not using AD Integrated authentication, then unfortunately you cannot use this version of the API. If you're interested in converting to this, let me know and I can email you some instructions. Regards Click Studios
  4. Hi Lucas, Thanks for your request. We believe having some sort of additional Auth for the API would cause issues with various scripting environments, which is why we have not considered it to date. We're also considering adding a "per user" API Key as well in a future build. Have you considered the use of our Windows Integrated API - this does not require API Keys at all, and gives you the same level of access as logging into the UI. You also have complete control over who is allowed to use either API, which can be found in the Administration area. So if you have some concerns here, you can restrict access to a certain degree. You can also restrict which IP Addresses can be used to make API Calls from - this can be found on the screen Administration -> System Settings -> Allowed IP Ranges. Regards Click Studios
  5. Hi Buckit. Not exactly sure of your environment, but is it possible these accounts can reset themselves without a Priv Account? As long as they have the required permissions, then this is possible in Passwordstate. Regards Click Studios
  6. Hey Buckit, We we take a look and see if this will be a simple change. If it is we'll include it in a future build. Regards, Support
  7. support

    Password Extension: Fill on click instead of auto fill

    Thanks for the vote Greg. We'll consider this request when we next work on feature development for our extensions. Regards Click Studios
  8. Hi Buckit, Thanks for your request. At this stage we're not sure this is something we would like to implement, as it goes against best practice fur using unique passwords across your hosts. It would also required a complete redesign of our Password Reset Engine, Account Heartbeats, Remote Site Locations, Reporting, API, etc, etc. Regards Click Studios
  9. support

    SSH key rotation

    Hi Kevin, We believe the only way this would be possible would be via our API, but unfortunately we've never tackled something like this. Hopefully someone in the community has strong linux scripting skills, to point you in the right direction. Regards Click Studios
  10. Hi Jimmy, Thanks for your patience with this, and we do need to apologize - this is an issue with our code, checking that xml file as you mentioned. I'm not sure why I didn't see this in testing - possibly it was cached somewhere. We've fixed this for the next release, which means you will obviously need to perform a manual upgrade when this new release is available. We're not sure when the next release is yet, but it could be 2 to 4 weeks again. Again, thanks for your patience, and sorry again. Regards Click Studios
  11. Hi Jimmy, We'''ll schedule an Internet outage at the office tomorrow, and see if we can replicate your issue again - it's currently 7pm in Australia. We'll let you know what we find. Regards Click Studios
  12. Hi Jimmy, I pointed you to the correct part of the Security Administrator's manual - I certainly didn't expect you to read all 180 pages. For SQL Server, if you want Passwordstate to backup the database, then yes this is required - either for scheduled backups, or backups just prior to upgrades. Or you can check the option to say you don't want to backup the database, and you can manage this separately yourself. We try and give customers options for these sort of things, and let them decide what's best for their environment. Possibly because this is a "secure" environment, the manual method I outlined might be the best option for you. Regards Click Studios
  13. Sorry Jimmy - we'll need to correct that reference of the message at the top of the screen, as it is out dated - we didn't realise it was still in there. If you are wanting to configure this backup account, we have whats fully required in the Security Administrators manual. You can find this under the Help Menu, and then look in the Backups and Upgrades section. Did you want to do the manual upgrade for now, and then you can explore the backup account permissions required after? Regards Click Studios
  14. Hi Jimmy, I'm not sure what build you're upgrading from, but new Build Numbers are not shown at the top of the screen anymore - they will be added into the Notification Center on a schedule. If you go to the screen Administration -> Backups and Upgrades, and click on the 'Upgrade Now' button, you will see the NewBuildNo change being reported on this screen. Regards Click Studios