Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Azkabahn

  1. Hi, just recently deployed a separate instance of Self Destruct Message. Our plan is to push this feature to client support dep. Currently, the majority of people use whatever other online tools for sending self destruct messages. I see a good use case for having an internal tool like that. I see a lot of things that can be improved, but I would like to highlight one of them - perhaps you could add an option to craft a message within the browser extension? After creation, the URL gets copied to the clipboard and then you simply paste the URL to whatever communication channel you ar
  2. +1 Also it is difficult to understand the situation where a user is duplicated many times when you look at the permission list. For example: User A has modify permissions for Record A User A has view permissions for Record B I will have the same user displayed 3 times: 2 for above permissions, 1 record under the guest column. Perhaps it would be possible to separate such views? One for password list level, second for individual records?
  3. I will put my +1 as well. We get into similar situations where it's better to use PasswordState to expose temporary login info to outsources than some other external tool.
  4. Hi, used this SQL query for several times. I would put +1 for this feature to have it in the reporting. I would improve with the additional column indicating the number of records in the password list.
  5. Hi, so now it is possible to enable multiple tabs? I cannot seem to find it. I have V8.4 (Build 8411)
  6. Hi, I have asked this quite some time ago and you said to wait for 2-3 months. I thought I will wait for more and perhaps now it's time to ask again :) Would you consider to implement WinAPI access permissions per individual record in the password list?
  7. Of course, there is no problem for that. I thought I will just point this out in case it wasn't
  8. Interesting... Perhaps then there could be a button that scales the image to default size - 20x20px. I cannot come up with the case where someone wants to have an image over 40x40px OR something I have posted. It's doesn't look good from UI/UX perspective.
  9. Hi, I randomly uploaded a new icon expecting that there is an autoscaling implemented, but it's not I think it's small fix and it will avoid manually fixing all images to be 20x20
  10. Thanks for a suggestion, but I'm not allowing "client" to access passwords, it is only able to add himself to Hosts Probably I'll need to live with searching by IP at least for some time, keep in mind that any field that is inherited from Host ---> password would be appreciated in future releases
  11. Just a quick thought, we are fine even if "HostName" will be added in password notes, that works too (since password state will be able to find that particular password using hostname and/or IP)
  12. Sure, I know, I have done this before, however then I have issue that discovered account is saved with "IP" as Hostname/Title which is not that cool also, I mean usually users will search for a password using hostname of machine. So basically there would be 2 solutions for this issue. 1. Make it possible for Discovery job to use "Internal/external IP" field on account discovery (I guess not gonna happen ) 2. Make Discovery Job "append" Title field from host to password object (so you would be able to search for a password using hostname OR IP address)
  13. This is what I was asking, It was strange for me to have IP field and would be not able to use it, sure we have DNS records, however it is not most reliable thing when you are managing thousands of hosts. If I understood you right, there is no way to use that field, only fqdn (hostname) that can be resolved ? I see, idea was not to give "Host/client" any access to password lists, only it should be able to create host object. It will not be the case I guess.. Thanks for the suggestions, will try to figure it out somehow
  14. And if possible, could you explain a bit more about this. AFAIK, there is not such thing implemented in API calls, so somehow I should track/catch events on passwordstate itself ? Any example how it can be done ?
  15. Well, doesn't look like this, If I add Hostname instead of IP, heartbeat fails instantly. And this is how host definition looks like And trying to discover accounts results in: p.s Discovery script uses exact variable: $success = $ssh.Connect($HostName, $Port) Sorry if I'm not right, Powershell isn't my thing
  16. Hello, We are adding Linux hosts via API, however I have couple of concerns. Why passwordstate doesn't use "IP" field in host object ? It is trying to use "Hostname" when connecting to discover accounts. Maybe with windows is less likely to have hostname without fqdn, however often linux systems does have hostname that can not be resolved, more reliable way would be to use its IP instead of hostname, don't you think so ? Also, It is strange why after account discovery, password is being created with "HostName" or "UserName" variables only, host has field "Titl
  17. +1 point to this as well. This is related to what i just recently posted
  18. Hi, I would like to propose to split auditing table in the backend into two tables. Not sure if other customers complain or have a huge load on PasswordState, but I tend to see that such feature would be beneficial. We have a lot of integration with CI/CD (Continuous integration / continuous delivery) tools via API and WinAPI. I am aware of the flag (PreventAuditing) that can be appended to the API calls in order not to leave traces in the audit log. I must say this should not be an option at all it's very complicated to do forensics or analyze if someone scraped all the pa
  19. Of course. I will try to make some UI samples/suggestions
  20. Hi, do you plan on improving/introducing a bit easier reporting of permissions that exists within password list and for individual records? I am aware of scheduled reports and available options in the administration area, but it doesn't make it easier when it comes to access review or understanding who and what access has. A couple of issues to illustatre: If I go to Administration -> Reporting -> "Report Name: What permissions exist (all users and security groups)?". I select a password list that I want to view, then select a filter (Guest = NotIsEmpty). I get a couple
  21. Hi, great news, thanks for that!
  22. Hi, when you say "DiscoveryJobs table" this has to be changed in the MS SQL database?
  • Create New...