Jump to content

Fabian Näf

  • Content Count

  • Joined

  • Last visited

  • Days Won


Reputation Activity

  1. Thanks
    Fabian Näf reacted to support in Automatical clearing of the notifications area   
    Hi Guys,
    Just letting you know that we've released build 8627 today, which includes your request mentioned above.
    Thanks for the suggestion - we appreciate it.

    Click Studios
  2. Thanks
    Fabian Näf reacted to support in Automatical clearing of the notifications area   
    Hey BH,
    No issues at all, and maybe we shouldn't be so sensitive ourselves. We're only a small company, and the hundreds of outstanding feature requests we have can be quite stressful at time, as we want to keep all customers happy - but this is our issue not yours.
    I'm happy to report that we've now finished this fix for you for the next release, which is scheduled for early next week. I'll post back here again as soon as we release the next build.
    Thanks again, and have a great weekend.

    Click Studios
  3. Like
    Fabian Näf reacted to BHillebrand in Automatical clearing of the notifications area   
    I'd like to second this request. Our organisation has three security-related staff approving passwords and a relatively low volume of password access requests. Right now, the notifications area is a useless feature that distracts and agitates our security administrators, mostly because any time a notification has appeared, you can be 99% sure that someone has already handled whatever pending access request notification is there, hours ago. Of course, they have to click there each time on the assumption that there might be a pending request, which 99% of the time wastes time and lowers productivity. 

    Please implement the automated removal of stale notifications... It should have been done in the first place.
  4. Like
    Fabian Näf reacted to support in Have I been Pwned warning message   
    Hi All,
    Today we have released build 8600 of Passwordstate, which includes a few new haveIbeenpwned features:)  Here's a list:
    1. New report which queries all shared Passwords in your system against the haveIbeenpwned database, and advises which ones to change

    2. A new tool to check passwords against the online haveibeenpwned repository

    3. Also a new icon on Password Lists to quickly check the current password against the online repository:

    4. If you have this option unchecked on your Password List, and are using the haveibeenpwned online repository under Administration -> Bad Passwords, then the user will get a warning about the password being compromised before they click Save.  It's up to the user if they want to Save or not:


    5. You can run a Report at a Password List Level to show which Passwords in that list have been compromised.  This is handy for users who have Private Password Lists they want to check against.

    We hope this helps!
  5. Thanks
    Fabian Näf reacted to support in Passwordstate 8.6 (Build 8600)   
    Hi Everyone,
    Today we have release build 8600, which includes 20 new updates, and 7 bug fixes. Full changelog can be found here - https://www.clickstudios.com.au/passwordstate-changelog.aspx.
    Click Studios
  6. Like
    Fabian Näf got a reaction from habskilla in Can WinAPI be used via a Linux shell script?   
    You can also save your credentials in a variable ($credVariabke = Get-Credentials) and pass this to the Invoke-Rest Powershell command. So I assume, there could be a way.
    I also can imagine, that you could pass your credential to a REST-call header from another system (e.g. bash script) to authenticate, but I'm not familiar with bash scripts. 
  7. Thanks
    Fabian Näf got a reaction from Joshua Sanders in Approve Check Out   
    Hi Joshua
    Passwordstate gives you the possibility to request an access to a password or passwordlist by clicking on the passwords menu (the first icon) on the lefthand side. Through this option you can request an approval from admins of the Passwordlist/Password. Permissions can be get only for a certain time window or can need a handshake approval (two person).
    There's also an other feature which could be interested for you: When you have an account properly setup with password rest options you can use the checkin/checkout feature. This will show a Password only after it has been checked out by the user. After the work has been done, the password needs to be checked in again. Then the password reset comes into play, it will immediately generate a new password and set this new password on the related system.
    So no one (expect passwordstate) will ever now the current password and the user can't write it down.
    Best regards,
  8. Like
    Fabian Näf got a reaction from KingIsulgard in One time usage links   
    Passwordstate has a function, that should exaxtly cover your need. It's called "Self destruct message", you should find this in the menu on the left hand side.
    They're also currently developing a way to install only this self destruct messaging part on a separat computer, e.g. in a DMZ.
    Best regards,
  9. Thanks
    Fabian Näf reacted to support in External user access   
    Getting there....


  10. Thanks
    Fabian Näf reacted to support in Error Console Error About Archive Auditing   
    Hi Fabian,
    We've released build 8459 today, which should fix the issue of the new AuditingArchive table - thanks very much for reporting it.
    Whilst we were unable to reproduce that error mentioned above for the Loggedout page, we've made a small change in this build to see if it will help you also.

    Click Studios
  11. Thanks
    Fabian Näf reacted to support in Using Permalinks for Folders, Password Lists or Password Records   
    Hi Guys,
    Just letting you know we've released build 8455 today, which includes this change mentioned above.
    Click Studios
  12. Thanks
    Fabian Näf reacted to Folke in New import KeePass Powershell script 2018   
    Hey there!
    Here's my updated version with some new features
    Fixes: UTF8, Check for Folder, htmlsafe notes, a litttle bit errorhandling New: Importing additional KeePass Fields with customized mapping New: Adding not handled additional fields to the Notes field New: Support for File-Attachments New: Support for enabled rights propagation and Linked Templates (not setting rights to an admin) Due to the increased number of options you are not longer prompted for them, instead fill in all options at the top of the config file (see also below)
    Thanks to Fabian for the initial version.
    Kind Regards

    The configuration section looks like this 
  13. Thanks
    Fabian Näf got a reaction from support in Create Password folders using script   
    Hi Emad
    You can archieve this by using the REST API of Passwordstate. In the manual of the REST API you can see a lot of examples how to do this by using Powershell.
    Just navigate to /api or /winapi to see the manual (or open it through the help menu).
    Best regards,
  14. Like
    Fabian Näf reacted to support in Have I Been Pwned? Integration   
    Hi Everyone,
    Happy to report back here that we now have Pwned integration in our software, in our standard Passwordstate Vault and also in the Password Reset Portal module.  After upgrading to 8388 or higher, you will see this option under Bad Passwords:

    Then, as long as Bad Passwords is enabled on the Password List, when a user goes to add or update an existing password, it will perform a Pwned check and deny them setting the password if it has a match to the online Pwned API.
    Thanks for the suggestions!
  15. Thanks
    Fabian Näf reacted to support in New import KeePass Powershell script 2018   
    If you need to import all of your data from KeePass into Passwordstate, this is the preferred process due to the below Powershell script keeping the correct format of your KeePass database.  We'd like to thank one of our customers Fabian Näf from Switzerland for writing this script for us.  He did a great job and it's helped out many of our customers.
    This import process will create a Folder with the same name as the XML file you export from KeePass, and it will then replicate the KeePass structure beneath this.
    For customers not familiar with Passwordstate, the equivalent of a "Group" in KeePass is a "Password List" in Passwordstate. We also have the concept of "Folders" which allow you to logically group Password Lists together. If you follow the process below, it should create a Folder with the same name as the XML file you export from KeePass, and it will then replicate the KeePass group structure beneath this.
    Process Start:
    In Passwordstate, identify and note down your System Wide API key from Administration-> System Settings -> API and you will find it under “Anonymous API Settings & Key”.  Ensure you save this page after you generate the new key. Create a Password List Template under the Passwords Menu -> Password List Templates.  On this template please set the following options and then save the template: Disable the option to prevent the saving of password records if they are found to be a “Bad Password” (screenshot 1 below) Uncheck the option so the Password field is not required, and enable the URL field (screenshot 2 below) Identify and note down the TemplateID by toggling the column visibility (screenshot 3 below) In KeePass, open your database and export the contents to a XML file.  This can be executed from File -> Export -> KeePass XML (2.x) Download the script from:  https://www.clickstudios.com.au/downloads/import-keepass-xml.zip Extract this zip file and open with Powershell ISE or the straight Powershell shell, if you prefer You will be prompted to answer 5 pieces of information: The username of an existing Passwordstate user you wish to give Admin rights to all Passwords imported during this process.  Generally you would just enter your own Passwordstate UserID here as you can modify permissions later and and example format for this is halox\lsand Your Passwordstate URL Your System Wide API key The FolderID you wish to create your KeePass structure under.  Enter '0' to create this in the root of Passwords Home, otherwise find the Folder ID of any Folder you like and use this when running the script Your PasswordList Template ID It will ask you to browse to your Exported XML file  
    That’s it, the script will now run through and automatically read all of the information out of the XML file, and import it into Passwordstate.  From here, there are a few other things you might want to consider doing after the script has run successfully:
    You may want to rearrange your folder structure.  Ie possibly you might want to create some new folders for each of your teams, and then drag and drop existing Password Lists/Folders inside of them Once you are happy with your Folder structure, you should start applying permissions to either Password Lists or Folders using the following video as a guide: https://www.youtube.com/watch?v=QBJE_xD185U Best practices are to use Security Groups to apply permissions, instead of individual users, if possible  
    Screenshot 1:

    Screenshot 2:

    Screenshot 3:

  16. Like
    Fabian Näf got a reaction from support in Privileged Account Management   
    Hi Kevin
    Clickstudios has a lot of good video tutorials. Probably the following video could give you a hint, how to work with expiring passwords.
    Best regards,
  17. Thanks
    Fabian Näf got a reaction from Mario Härdi in Importing from KeePass into Passwordstate   
    Hi All
    I just made a new versions of my KeePass and Passwordsafe-Import scripts.
    Difference to the old version:
    You need to enter your windows credential Uses WinAPI (instead of using the system wide API key) Creates private passwordlists for the specified user In general:
    If you like to import shared KeePass/Passwordsafe files: Use the old version (system wide API key used) If you like to import personal KeePass/Passwordsafe files: Use the new version (WinAPI used with personal permission) Terms: These scripts are free to use, it's not allowed to resell my scripts or making business with it! There's absolutely no warranty about what the scripts are doing, you use them on your own risk.
    For more infomation about how to use it, take a look at my first post about the first version in this thread.
    Best regards,
  18. Thanks
    Fabian Näf got a reaction from njordur in API Create Password with $ in it   
    Hi All
    I'm not sure if this helps (I had no time to test it).
    I usually create the JSON as following: Create a Powershell Object, then convert it to JSON.
    If you do it like this, then you dont have to struggle with the string-creation.
    $Body = @{ PasswordList = $Name Description = $Description ApplyPermissionsForUserID = $global:UserToPermit CopySettingsFromTemplateID = $global:PasswordstateTemplateID LinkToTemplate = "False" Permission = "A" PrivatePasswordList = "false" NestUnderFolderID = $ParentFolderID APIKey = $global:PasswordStateSystemWideAPIKey } $jsonBody = $Body | ConvertTo-Json (just an example, it doesn't fit to your requirement)
    Best regards,
  19. Thanks
    Fabian Näf got a reaction from Matt in Importing from KeePass into Passwordstate   
    I made two PowerShell-Scripts to import your personal data into Passwordstate. One is for importing from KeePass and one for importing from Passwordsafe.
    Because Clickstudios is a great company with an amazing product and support, I like to share my scripts with the community.
    Terms: These scripts are free to use, it's not allowed to resell my scripts or making business with it! There's absolutely no warranty about what the scripts are doing, you use them on your own risk.
    I made these scripts, because the script above from Clickstudios has two disadvantages:
    It doesn't import the folder structure (everything is in one folder after importing). First you need to export to KeePass 1.3.2 and than export it from KeePass 1.3.2 into a CSV-File Prerequisits
    ID of a Template with URL-Field enabled (see manual from Clickstudios above) Systemwide API Key (see manual from Clickstudios above) ID of the folder in which you like to import to (for importing in Root, the ID is 0)  
    Using my PowerShell-Scripts
    My scripts are built to import a users personal KeePass/Passwordsafe data, so you need to specify a Username (e.g. domain\username), which you like to give access to the imported datas.
    If you first like to checkout, what whould happen if you would run the script, you can change "$global:PasswordstateWhatIf = $False" to "$global:PasswordstateWhatIf = $True".
    Export your data from KeePass (tested with Version 2.35) as XML-File.
    Start KeePassImporter.ps1 with PowerShell, enter requested datas and choose the XML-File.
    Export your data from Passwordsafe (tested with Version 3.42.01) as "Plain Text (tab separated)". As Delimiter use the default-value "»"
    Start PasswordsafeImporter.ps1 with PowerShell, enter requested datas and choose the Plain Text-File.
    Best regards & good luck with these scripts,
  20. Thanks
    Fabian Näf got a reaction from Yoshi in Importing from KeePass into Passwordstate   
    Hi Yoshi
    Have you enabled the "Anonymous API" and did you use the key for this API? (take a look at the screenshot above from Clickstudios).
    Best regards,
  21. Like
    Fabian Näf reacted to support in Bug when try to create private Passwordlist by API   
    Hi Fabian,

    Thanks for confirming, and we're going to need to fix this in the next release - and allow you to copy from a template if specified. For now, you will need to ask your users to manually select the URL field after the Private List has been created, and we should have a new build about before the start of next week.

    Click Studios