Jump to content

Azkabahn

Members
  • Content Count

    153
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by Azkabahn


  1. When you are adding Webhook in slack, user can choose where to post messages. It can be a direct message to a specific user, but not really makes sense. One webook cannot post to multiple channels or multiple users. So best practice is to have a dedicated alert/notification channel. In terms of the content, it could be the same as in email templates (i assume) already.

     

    image.thumb.png.5b49f05e53fa8f5d6d9453f93489ec13.png


  2. I had a similar idea as well. Unfortunately, it doesn't work in our case since self destruct is places in DMZ zone and will be used to send out URLs outside organization. While the main PasswordState is placed in infra segment with no access to outside.

     

    Another question, I haven't had time to test it, but what if we simply use round-robin dns technique? Would PasswordState understand and return the message content?


  3. Hi,

     

    I will use this topic instead of creating a new. I hope it fits under this topic. In the administration area, it is possible to run a global report against haveibeenpwned database. The problem I face is that currently, I have 22167  password records in the database. When I click on that report, the whole PasswordState application crashes and gives 503 error. Perhaps an idea for future release to introduce batching or an option for the administrator to pre-select password lists? The latter would be more suitable as in our case you usually want to get a report on specific password lists that are managed by specific people.

     


  4. Hi,

     

    i think it's time to address one issue that I have been facing and some of the employees internally started to point out the same "issue". I hope this is a small feature request... It is quite common to paste the passwordstate URL to a specific password list or password record via various communication tools. The issue is that after you open the URL it doesn't and you end up in the password list, you have no idea what is the actual path or where it is in the navigation tab. It would great if in the navigation tab the user would be able to see where it landed in the navigation. For example, if have a deep structure of folders and many password lists underneath it takes some time to figure I out where exactly I am in the structure. 

     

    I hope that makes sense :)


  5. Hi,

     

    i would like to ask/propose to introduce new API endpoint for generating self destruct messages. Would it be something possible? We have a business case where such functionality would be implemented internally to our client services to automatically send sensitive information via such messages and also credentials from PasswordState. For API it would be enough to send post request ("Automatically self-destruct this message if not viewed in" and "Allow the self-destruct message to be viewed" - required values)and get a response of self destruct message URL. In our case, if someone would like to send credentials from PasswordState we can build aggregation with existing API endpoints and tie together with this newly requested API endpoint. Best case scenario would be to include optional fields in this new API endpoint where you could specify password record ID value


  6. Sorry, I was not aware of the newest changes. I have just upgraded to the very latest version :)

    Is there a reason why it was decided to split message creation into 3 steps? instead of having it in one window?

    Another worth mentioning point, is the display of the message when the receiver gets it. The only differentiation between system text and the actual message body is the indentation. Perhaps the actual message body could be more visually expressed/visible?

     

    image.png


  7. @SGauvin i think it's easier to put a proper health checks on your backend and then visualize in Grafana or any other similar systems. Next step would be to add alerting based on triggers. 

    Also - put a dynamic DNS load balancer in front so you could easily switch between primary instance and HA. We have built all of it and we do PasswordState upgrades with 0 downtime.

×