Jump to content

Search the Community

Showing results for tags 'password'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Essentials
    • Announcements
  • Passwordstate 9.x
    • Community Support
    • General Hints and Tips
    • Known Issues
    • Installing Passwordstate
    • Feature Requests
    • Feature Requests - Completed
    • 3rd Party Hardware/Software Knowledge Forum
  • Knowledge Base
    • General FAQs
    • Password Resets
    • Remote Session Launcher
    • App Server
    • Passwordstate API
    • Browser Extensions
    • Password Reset Portal
  • Passwordstate 8.x
    • Community Support

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Jabber


Google Plus Account


Skype


AIM


Yahoo


ICQ


Website URL


MSN


Interests


Location


Biography


Location


Interests


Occupation

Found 3 results

  1. Summary of Use case: MSP client insists on utilising a known Bad password, is unwilling/unable to change the password for operational reasons, but the password still requires documentation in Passwordstate by the MSP. Current Outcome: The only option in this scenario is to disable Bad passwords detection entirely for the whole password list, and this is a sub-optimal outcome that prevents us deriving any security benefit from the feature. Requested Feature: Short of blocking bad passwords, we'd like to be able to benefit from the Bad passwords feature by: * Having an option added for a Passwordstate user to notified when a Bad password is entered, but still allowing the user to save the password entry anyway. (IE: Choice to Block OR Notify)
  2. Please add TOTP secret key change history to Passwords. Please add audit logging for when the TOTP secret key is revealed/viewed/copied (just like passwords are) This is important because in a system with 700+ users, if someone accidentally edits the TOTP secret key or removes it, there is no way to recover it and you might be permanently locked out of an account, if that account does not have any other 2FA methods configured. Some enterprise systems like Microsoft Entra do not issue TOTP one-time account recovery codes. When users share passwords that have TOTP enabled on them, the TOTP secret key could be copied to a different authenticator app. Since the TOTP secret key is sensitive it should be treated like a password from an auditing and who knows it perspective.
  3. Hello, I am wondering if there is a possibility to prevent users deleting passwords if they have Modify permissions. Or, if it's possible to have a fourth option for permissions where it allows them to add/change passwords, but not delete. Just trying to tighten up some control. Thanks!
×
×
  • Create New...