Jump to content


  • Content count

  • Joined

  • Last visited

About MarkCharman

  • Rank
  • Birthday 02/26/87

Profile Information

  1. Browser Extension - Limit to certain password lists

    Thanks, Primarily I'm after option 2 as its from a user perspective, but also as a Security Administrator I can see valid use cases and benefit from option 1 as well. Regards Mark
  2. Hi guys, In regards to the browser extension, can it be altered so that the user can choose which password lists they want searched for websites? The reason being is within our company a number of users have access to many shared password lists (with differing login information for the same website), and when using the browsers extension it will scan all shared password lists (and add appropriate audit records if a password is found), when really end users only want their own password details auto filled. Happy to provide more info if needed. Cheers Mark
  3. Password Owners, and Emails directed at them

    Not particularly, It would be great if they could subscribe (or we could subscribe them ourselves) to individual password lists. We want them to receive emails about the passwords they are in control of, so theres a sense that they own it. Disabling notifications globally doesn't create that sense of security, but too many emails means people either delete them without reading them, or set up a rule to automatically remove them.
  4. Good afternoon, A suggestion we've had in our office is a role of password list owner. The reason being is we have shared password lists across the office which can be group based (based on Business unit or similar) with shared passwords, but the password owner would like to receive notifications when the password is used. Another name for this would be 'Notify this user' or 'notify these users'. An example (Happened today): We have a 'office shared passwords list' where a wireless password is kept. Everyone in the office has 'view' permissions. The Corporate services team has access to modify the password list (and thus the password), and I have Admin level access to the list. The default notifications are on so every user gets an email when a password gets viewed/copied to the clipboard. Today, Jimmy went and opened the shared wireless password, all 30 users of the office received an email notification that Jimmy had viewed the password. I, as the password list 'owner' (in this circumstance) would like to receive that email, but the rest of the office does not.
  5. Account templates?

    The company I work for has procured a license for PasswordState, in the aim of replacing our current 'Write all your passwords down and we will store them securely' business continuity plan. Currently we have a standard template which we send around which has some standard fields, such as network logons, website logons and file passwords. Each piece of paper is photocopied and kept offsite and also in a firesafe. What I envision the product being used for is to replace this system. To achieve this I'm guessing each users will have to create private password lists reflecting our paper-based form. This is easy enough if people want to figure out what PasswordState is for, but what I want is for staff to use it as an information dump, not a tool to manage their passwords (they can, if they want, use it as a management tool). Is there a way to create a 'template account' and set that up for a range of users? Say for instance I have a new user called 'Joe bloggs' I want him to log in for his first time and be greeted with the following configuration already created for him. Joe Blogg's Passwords (Folder) - Network Passwords (Password List) - Website Passwords (Password List) - File Passwords (Password List) And then obviously any other shared password lists as appropriate. Is this possible?