Jump to content

Fabian Näf

  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Fabian Näf

  1. Hi my friends of Passwordstate In my test-environment on (almost) every update of Passwordstate I get the following error: - Stopping Passwordstate Windows Service..... - Download started..... - Extracting new files..... - Installing new files..... - Upgrade error detected - The process cannot access the file 'c:\inetpub\Passwordstate\hosts\gateway\SparkGateway.exe' because it is being used by another process. - Method = CopyNewFiles Please check/test your settings on the screen Administration -> Backups and Upgrades -> Settings button. There is also full documentation and troubleshooting steps in the Security Administrators Manual under the Help menu - refer to the section "Backups and Upgrades". This error is not really an issue. After that I get logged out and after log in again I get the step 2 of the update and everything works as expected. I’m just wondering if this is a known error? Does anybody else already got this error? I already excluded the whole Passwordstate folder from my anti-virus scanning activities... All the best, Fabian
  2. Fabian Näf

    Personal API Key

    Hi I just wanted to remark, that Azkabahn tested out the WinAPI with Linux and it seamed to work nice. All the best, Fabian
  3. Hi all, In the last days I had issues with different websites to fill the form. Usually it helped to update the id or name fields, because the website changed the tags. It would be great if the browser would recognize when I enter my credentials manually on a website (where the website is already existing in Passwordstate) that it already exists and would ask me if I would like to update this Passwordstate record to match the new field tags. Also if I logon manually to a website, where the website is already existing in Passwordstate, and I use the same username, but a different password, the browser extension could recognize this and ask me if I like to update the password. I general I would wish that the browser extension would be a bit more userfriendly, for me it's fine to inspect a website and update the tag fields in Passwordstate, but for the most of our users it's a litte bummer, they don't get it. If someone else from the community has any suggestions how to make it more userfriendly from his experience, don't hesitate to share your thoughts. Thanks to all other people in the community for a "+1" reply and thanks to Clickstudios for putting my request to the queue of feature requests :-) All the best, Fabian
  4. Fabian Näf

    Browser Extension - Update Password

    Hi Lee Thank you very much for sharing the plans about the browser extention. I'm using the extension very often and I'm really looking forward to the comming versions! All the best, Fabian
  5. Fabian Näf

    Browser extension issues since recent update

    Hi Lee Thank you very much for the explanation! Regards, Fabian
  6. Fabian Näf

    Browser extension issues since recent update

    Hi all, In the last days I also struggeled with some websites about the auto filling. For me it helped to remove the credential from Passwordstate, re-login to the extension and then login again to the website to let the browser extension catch the credentials and add it to Passwordstate. I had some websites where they changed the id or name tag in the html. If this was the case I also could update the browser field tag according to this video: I'm right, that the browser extension (now) does work with eighter the id or name tag? From the text in the "browser form fields" tab, this is not really clear to me as it says "names" in the text and "ID" on the fields. All the best, Fabian
  7. Hi All I'd like to raise a feature request for an automated clearing of the notification area. It would make sense to automatically remove notifications if they are not accurate anymore e.g. for the following scenarios: If an update ran, the notification about the new build (which is already installed in the meantime) could automatically be removed. If an Access Request to a Password/Passwordlist has been fulfilled, the notification could be removed automatically. We often have the scenario that an user requests access to a Password/Passwordlists, which then goes to houndreds of users. After this has been granted/rejected, all other users need to clear their notification or click on it and realize then, that it doesn't exist anymore. If anyone sees further options, where this would make sense, let us know... Best regards, Fabian
  8. Fabian Näf

    Can WinAPI be used via a Linux shell script?

    Hi Habskilla To create the REST JSON Body I always go for the following approach: First create a PowerShell object and convert it then to a JSON-String. The big advantage of that is, that you don't have to care about any special characters, escaping and stuff like that. $Body = @{ FolderName = $Name Description = $Description NestUnderFolderID = $ParentFolderID APIKey = $global:PasswordStateSystemWideAPIKey } $jsonBody = $Body | ConvertTo-Json $PasswordstateURLFull = "$($global:PasswordstateURL)/api/folders" $result = Invoke-Restmethod -Method POST -Uri $PasswordstateURLFull -ContentType "application/json; charset=utf-8" -Body $jsonBody The response I get is then stored in $result and can be accessed directly: $output = $result.FolderID If you have the answer as a string you also could use for the following approach: $responseObject = $responseJsonString | ConvertFrom-Json If you take a look the KeePassImport-Script you'll find some more examples. All the best, Fabian
  9. Fabian Näf

    Upgrading from free version

    Hi Alex On the follwing site you can calculate a quote. https://clickstudios.com.au/create-quote.aspx Best regards, Fabian
  10. Fabian Näf

    Key storage

    Hi Nathan In Passwordstate you can also upload and attach documents to a passwordlist. Probably this could be a way for you to store the key files. But I'm not sure if uploaded documents are getting encrypted in the database (probably @support could help out here whit this question). Best regards, Fabian
  11. Fabian Näf

    New import KeePass Powershell script 2018

    Hi Khurram You could try to import to a different folder. Or you also could try to use the WinAPI version, but this one creates private passwordlists. You would need to convert them or change the script to create shared passwordlists. Best regards, Fabian
  12. Fabian Näf

    New import KeePass Powershell script 2018

    Hi Khurram Also other users are experiencing the same error and therefore I'm guessing that it's kind of a bug. I reported back here. Best regards, Fabian
  13. Fabian Näf

    Issues adding passwords via webapi

    Hi all, Currently I think that there's some kind of bug with this REST method, because I can't see any issues with the script and also other users are reporting the same error. In our company about one month ago one user wannted to use the import script from KeePass, which is using the WinAPI and we got the following error when the REST call tried to add passwords to a Passwordlist. After we stared exactly the same import with another user account it worked fine. The KeePass import script with the WinAPI creates private passwordlists and uses the loggedin users account (instead of shared with the script which uses the Anonymous-API with the Key). Best regards, Fabian
  14. Fabian Näf

    New import KeePass Powershell script 2018

    Hi Khurram Do you get any errors from the PowerShell script itself? Could you post them? Do you use the version with the WinAPI or the Version which uses the API with the Systemwide API Key? Could you try to run the script with another user or try to import to a different folder? Best regards, Fabian
  15. Fabian Näf

    Approve Check Out

    Hi Joshua Passwordstate gives you the possibility to request an access to a password or passwordlist by clicking on the passwords menu (the first icon) on the lefthand side. Through this option you can request an approval from admins of the Passwordlist/Password. Permissions can be get only for a certain time window or can need a handshake approval (two person). There's also an other feature which could be interested for you: When you have an account properly setup with password rest options you can use the checkin/checkout feature. This will show a Password only after it has been checked out by the user. After the work has been done, the password needs to be checked in again. Then the password reset comes into play, it will immediately generate a new password and set this new password on the related system. So no one (expect passwordstate) will ever now the current password and the user can't write it down. Best regards, Fabian
  16. Fabian Näf

    Delete Folder Button

    That sounds very bad, if someone accidentaly deletes passwordlists even though he has been asked twice. But I can imagine, that this can happen easily, when people are to lazy to read the dialogs... In other tools I've seen a dialog coming up where you manually need to type the word "delete" to remove something very important, probably this could be an easy way to prevent accindental removal of passwordlists. Anyway I'd like to link from this feature request to the feature request of a recycle bin for password lists for other user to upvote both
  17. Fabian Näf

    Single password / password list recovery

    +1 for a recycle bin for password lists (to push this feature request )
  18. Fabian Näf

    Permissions folder

    +1 for this feature request with configurable options through the administration menu. Reason: When a user has modify rights in a folder with propagated permissions, he can create Passwordlists, but he's unable to modify or delete the Passwordlists afterwards, when he made a misstake (e.g. typo).
  19. Fabian Näf

    Delete Folder Button

    Hi Sarge I came up with a similar feature request some weeks ago. For me it would make sense to have this option direct in the context menu of the tree. No mather if it's a passwordlist or a folder. This would give our users a better usability, because they could find the same option everytime at the same place. About the concerns of having the delete button in front and not "hidden": Of course, a confirm dialog would be needed! Best regards, Fabian
  20. Fabian Näf

    "Full" Emergency Access

    Hi Constantin In the administration area there's a option to export all passwords. This is also possible in a Keepass compatible format. I think this could cover your need. Best regards Fabian
  21. Hi Crey I'm not completely shure if this would be a feasable solution for you, but if you also could use SAML for authentication it should basically do what you need: A pre-authentication, which is made before Passwordstate. Passwordstate also supports configuring IP ranges to restrict access regarding to the authentication option. Best regards, Fabian
  22. Fabian Näf

    One time usage links

    Hi Passwordstate has a function, that should exaxtly cover your need. It's called "Self destruct message", you should find this in the menu on the left hand side. They're also currently developing a way to install only this self destruct messaging part on a separat computer, e.g. in a DMZ. Best regards, Fabian