Passwordstate is a web-based solution for secure management of passwords,
for both individuals and teams of people. Role based administration and
end-to-end event auditing, provides a secure platform for password
storage and collaboration.
Track Personal & Shared Password Lists
Passwordstate you can track passwords for individuals, or create Shared
Password Lists to be shared amongst multiple people.
Changes to passwords, and associated account details, are kept for the life of the record.
Compare history records for changed passwords, visually showing changes to fields.
Real-Time Password Change Notification
can elect to receive email notifications when passwords are added,
editing or deleted from a Shared Password List they have access to.
Import and Export Passwords
import or export lists of passwords for either safe storage outside of
Passwordstate, or to reduce the amount of time adding new passwords.
Secure Access to Shared Password Lists
Password Lists are controlled by granting access only to the
individuals requiring access. The ‘List Administrator’ role provides
granular control over who has access, and who can modify a shared list.
Expiring Passwords Management
View expiring passwords in a calendar view, or elect to receive an expiring passwords report either daily, weekly or monthly.
View real-time changes to personal or shared passwords.
‘Administration’ area of Passwordstate provides Security Administrators
a set of tools for managing and reporting access to Passwordstate, and
various governance related features.
auditing reporting on 23 different types of events within
Passwordstate, including which user made the change, and the IP Address
of the computer they made the change from.
Customised Email Templates
All emails generated from within Passwordstate can be customised to your liking, and can be enabled/disabled as required.
Shared Password List Reporting
Administrator’s can now see and administer all Shared Password Lists.
The passwords for the shared lists are not visible, unless the Security
Administrator has elected to allow passwords to be exported as part of
the export feature.
Password Strength Policy
Security Administrators to specify criteria for reporting on the
strength of passwords within Passwordstate. This provides users with
visual representation of password strength, either when entering
passwords, or in each of the grid views.
2nd Level Password Protection
To further secure the Administration area of Passwordstate, additional 2nd level password protection can be enabled.
Multiple Active Directory Domain Support
supports multiple Active Directory domains and forests, allowing
importing of users, and cross domain authentication. User accounts can
also be imported/exported from CSV files.
User Acceptance Policy
Administrators can elect to prompt Passwordstate users with a
customised User Acceptance Policy, outlining to usage principles for
Passwordstate. This policy can be a mandatory, requires acceptance from
the user, or you can elect not to have a policy at all.
Data Protection & Security
4.0 ensures the integrity of your sensitive data, by securing the
back-end from system administrators, and the front-end from
Encryption and Obfuscation
protect the privacy of sensitive data, all passwords are stored within
the database using 256 Bit AES Encryption, and sensitive code is
protected by the use of precompiled ASP.NET pages and obfuscated .NET
Assemblies. No longer can web or database administrators gain access to
data they are not authorised to view.
Unique Initialisation Vector
Every instance of Passwordstate generates its own unique Initialisation Vector for encrypting data.
Automatic Logout Period
Automatic Logout Period can be specified for inactive sessions i.e. if
a user leaves Passwordstate open on the screen, it will be
automatically logged out once the logout period is reached.
Integrated Windows Authentication
Integrated Windows Authentication provides a greater level of secure access to Passwordstate
Optional Two-Factor Authentication for Administration Area
Administrators can enforce a secondary login into the Administration
area, protecting against System Administrators logging onto the Active
Directory domain using the Security Administrators domain account, and
gaining access to the Administration area of Passwordstate.
multiple Active Directory Domain support, and built on Microsoft’s web
and database platforms, you can scale your solution from a single user
to the enterprise.
Role-Based Access Control
access permissions in Passwordstate ensures only authorised access to
sensitive data is possible, and governance of Passwordstate usage is
well managed. Passwordstate has 4 key roles:
User – A Standard User has access to all features in the ‘Passwords
section, but no access to the ‘Administration’ section
- Security Administrator – A Security Administrator has access to both the ‘Passwords’ and ‘Administration’ sections
passwords ‘Standard Access’ role can add, edit and delete passwords
from a shared list, as well as view which users have access to the list
- Shared passwords ‘List Administrator’ role can, in
addition to the Standard Access role, grant/deny access to the list for
Real-time Notifications and Auditing
real-time email notifications when shared passwords change, and view
auditing information for events relating to your access control.
Active Directory Integration
leverages the investment your have made in your Active Directory
implementation, and fully supports multiple Active Directory domains
In addition to importing user
credentials direct from Active Directory, Passwordstate also uses the
authentication mechanism inherent to Active Directory & Internet
reporting ensures the governance of your enterprise’s passwords are
well managed, and reported when required. The following types of
reports are available within Passwordstate:
- Exporting of User Accounts
- Exporting of Personal & Shared Passwords
- Exporting of Audit Events
- Shared Password List Access
- User Access to Shared Password Lists
- Password Strength Compliance