Time-Based Access to Password Lists

When applying permissions to a Password List, you will notice a tab called ‘Time Based Access’. By clicking on this tab you can set the access to expire automatically at a specific time, or by a certain number of days, hours and minutes into the future.

After you have set the expiry date for the access, a new icon will be shown in the ‘Expires’ column of the Password Lists Permission page:

The Passwordstate Windows Service checks every one minute if any access has expired, and removes permissions if appropriate.

Time-Based Access to Passwordstate

Another useful feature is to automatically remove or disable a user’s account in Passwordstate at a set time. The screen for configuring expiry of an account is similar to the one for Password Lists, except this time you can also choose to disable or delete the user’s account.

This feature is very useful if you have contractors working in your organization, or if you have an employee leaving at a known time.

Regards

Click Studios

Passwordstate – Password Management Software

In order for a Password List to be ‘ready’ for synchronization, the following ‘Customized Fields’ are required for the Password List:

• You must select the ‘User Name’ field
• You must select one Generic Field and label it ‘Domain or Host’
• You must select the ‘Account Type’ field

When a Password List is ready for synchronization, you will see the following graphic at the top-right hand side of the Password grid:

Now, when you edit a record, you will see the following screen:

• 1 – You must select the ‘Account Type’ of Windows
• 2 – The ‘Account Synchronization Enabled’ indicator will be shown
• 3 – This icon allows you to confirm the password you are enter matches what’s stored in Active Directory or on the local Windows Server
• 4 – This is what you click on to save the record in Passwordstate, and to change (sync) the password in Active Directory or local Windows Server

Note: When adding a new password record to Passwordstate, you cannot also add the account into Active Directory or local Windows Server, however you can confirm the password is correct by clicking on the Check Password icon.

As of Build 5416, we also have a report which you can run for Password Lists which validates in real-time if the passwords are synchronized. You will see the following drop-down menu option if the Password List is ‘ready’ for synchronization:

We hope you like to new feature, and look forward to hearing any feedback from you.

Regards
Click Studios
Passwordstate – Secure Password Manager

Click Studios is very pleased to announce the availability of Version 5.4 of Passwordstate with 70 new features, updates and bug fixes in total. Notable changes are:

• Synchronize Password changes with Active Directory or Windows Servers
• Prevent Reuse of Passwords
• Mandatory Password Strength options
• Share Password List Templates with other users
• Secondary authentication options for securing access to Password Lists and navigation Tabs
• Improved document handling for Password Records and Password Lists
• Search across all passwords in Password Folders
• Audit Log Tamper Detection
• Any many User Interface improvements

You can download the latest release from here – http://www.clickstudios.com.au/downloads/passwordstate.zip, or watch the following short video showing some of the new features.

The following video demonstrates how to use the Recycle Bin feature within Passwordstate. Any questions at all about the feature, please don’t hesitate to ask.

Regards
Click Studios

Click Studios is pleased to announce the availability of Version 5.3 of Passwordstate, which includes 13 new features, 8 enhancements & 12 bug fixes. Notable changes are:

• We’ve introduced a new feature called Emergency Access. This access is only meant to be used when other forms of user authentication are not possible i.e. AD is unavailable, or users are unavailable
• Recycle Bin for deleted passwords. You can now restore deleted passwords from the recycled bin if required
• You can now specify which users (all, none, individuals or security groups members) can create Password Lists, Password Folders, Administer Password List Templates, or request access to passwords
• Provided the feature whereby you can link passwords copying them between Password Lists – all details are synchronized between Password Lists
• Multiple Password Generator options are now possible allowing you to assign each Password Generator to different Password Lists
• User can now choose exactly which email notifications they would like to receive or suppress
• You can now synchronize the enabled/disabled status of an Active Directory account in Passwordstate
• When an Active Directory account is deleted, you can now either choose to delete, disable or ignore the matching user account in Passwordstate
• Modify permissions for Password Lists now has the following options – Add, Edit or Delete passwords
• When users has ‘Guest’ access to a Password List, you can now choose to allow them to also create new password records
• You can now choose to receive a Daily Audit Report via email showing the past days activities for the Password Lists you have access to
• Provided the option to disable the feature which allows you to purge all auditing records
• Provided option to View or Email another user a direct link to a Password record

You can download the latest release from this location http://www.clickstudios.com.au/downloads/passwordstate.zip, and upgrade instructions are included in the download.

Regards
Click Studios

Click Studios is very pleased to announce the availability of Version 5.2 of Passwordstate with 10 new features, 7 enhancements & 9 bug fixes. Notable changes in this release are:

• Now supports Region Settings (Locales) for individual user accounts which are in different time-zones
• You can now upload documents and attached them to individual Password records
• You can now have multiple Password Strength Policies, and apply them to different Password Lists
• Multiple options are now available for automatically hiding visible passwords – a set time period, or variable time periods based on password complexity or length

For information relating to this release, and instructions in upgrading, please visit our web site at http://www.clickstudios.com.au/forum/viewtopic.php?f=6&t=111&sid=2b84989def75cf8e1ddc8e1a868a65d1

We can’t thank our customers enough for their feature suggestions, and working with us to development a better product for everyone.

Regards
Click Studios

In the upcoming release of Version 5.2 of Passwordstate we will be introducing a feature whereby you can upload/attach documents to password records. There is no restriction on what type of file type you can attach, and each time you upload, delete or view attachments, audit records are added to the systems. All attachments are stored within the database, so they can also be replicated to the High Availability instance of Passwordstate as well.

A couple small screenshots are:

Opening Attachments

Uploading attachments

Click Studios is very pleased to annouce the availability of Version 5.1 of Passwordstate. We can’t thank our customers enough for their feature suggestions, and working with us to development a better product for everyone.

To upgrade to version 5.1, download from here http://www.clickstudios.com.au/downloads/passwordstate.zip, and follow these instructions – http://www.clickstudios.com.au/downloads/Upgrade_Instructions.pdf.

Please Note: Version 5.1 introduces the feature of continuous sharing of the Password Lists Navigation Tree with other users who have access to the same Password Lists. Because of this change, this upgrade will remove any nesting of Password Lists in the tree view which you may have created, and this will need to be redone once the upgrade is complete.

Changes in this version are:

• New – Password Lists can now be organised within folders
• New – The navigation tree structure for Password Lists is now shared with all users who have access to the Password Lists
• New – The notes field for passwords is now searchable across all screens
• New – Added an option to add one password after another, instead of returning back to the Passwords screen every time you add a new password
• New – Added an option which allows restricting of searching for users (when applying permissions) to only users who are in the same Security Groups as the person granting the access
• New – Provided 3 authentication options when using Integrated AD Authentication:
• 1. Pass through authentication from your web browser to Passwordstate (does not require use to type user name & password)
• 2. Require users to enter user name & password after they have manually, or been automatically, logged out of Passwordstate
• 3. Require users to enter user name & password every time they wish to use Passwordstate – including after they have been logged out
• New – Added option whereby Security Administrators can be alerted to failed login attempts into Passwordstate
• New – Added the concept of ‘Bad Passwords’, whereby users are informed a password they are trying to add/edit is deemed to be bad – and the appropriate strength indicator is shown
• New – Added two new options to the Password Generator – 1. Insert Word Phrases randomly into Alphanumeric passwords, and 2. Provide ‘No Separation’ option between Word Phrases
• New – Added the option for the Password Generator to ensure passwords meet a minimum password complexity
• New – Added ‘Access Notes’ for when granting permission to passwords, so reasons can be journaled if required
• New – Optional timer for automatically hiding passwords when a user views them in the password grid view
• New – Optional timer for automatically clearing the clipboard after passwords have been copied to it (Chrome and Firefox users are presented with a button they must click on the clear the clipboard)
• New – Added the option for Security Administrators to enforce the same Password Generator options for all users
• New – Added the ability to create templates for Password Lists, where preferred options can be reused when creating new Password Lists
• New – When creating a new Password List, you can now base all the settings on an existing Password List, as well as copy the permissions if required
• New – Within the ‘Screen Options’ for Password Lists, you can now choose to apply the visibility of columns to the current Password List, selected Password Lists, or all Password Lists
• New – On the ‘Passwords Home’ page, we’ve added the option where you can choose which columns are visible for the ‘Search Results’ and ‘Favorite Passwords’
• New – On the ‘Passwords Home’ page, you can now hide ‘Favorite Passwords’ if you do not wish to see them
• New – Provided the option whereby users can request access to Password Lists or individual passwords (actual passwords are not displayed). Either of these options can be enabled or disabled
• Update – Update to the most recent version of ASP.NET Ajax Controls
• Update – When scrolling down the page and clicking on the ‘Copy to Clipboard’ graphic, no longer are you returned to the top of the page – scrolling position isn’t affected
• Fix – User’s were able to save the expand/collapse state for the Password List navigation tree nodes when using the High Availability module
• Fix – When exporting Passwords from the ‘List Administrator Actions’ dropdown list, removed the Favorite Password indicator column
• Fix – If the ‘Description’ field for a password record had double quotes in it, an audit record was not being added when a user copied the password to the clipboard

Regards
Click Studios

• Access Management – Passwordstate has granular role based access, so segregation of access is possible. Read, modify and administrator permissions can be granted to Password Lists and individual Passwords, either to individual users or users who have membership within a Security Group. Security Administrators (who administer the whole system) have 12 different roles which can be applied
• Password Length and Complexity – As users administer passwords in Passwordstate, they’re provided visual recommendations for how strong the password strength is based on policy set by the Security Administrators
• Compliance reporting – Passwordstate has 32 different types of reporting available, based and the majority of events being audited as they occur. You can see a complete list of audit reports here - http://www.clickstudios.com.au/about/compliance-reporting.html
• Tracking and reporting of password resets – each password within Passwordstate can have an expiry date set, with reporting and email/visual reminders as a result
• Password Reset Recommendations – when a user’s access to passwords is removed, a recommendation email is sent to each of the Password List Administrators recommending they reset the appropriate passwords

Importing passwords from KeePass is achieved by first exporting the passwords to a csv file, then importing into Passwordstate. The steps involved are:

1. Preparing Passwordstate

You first need to create new Password Lists in Passwordstate which match the naming standard for each of the password ‘Groups’ in KeePass.

2. Exporting from KeePass

To export all the required password ‘Groups’ from KeePass, simply right click on each of the ‘Groups’ and select ‘Export -> KeePass CSV (1.x)’ and save each of the password lists

3. Import into Passwordstate

Now that you have all the required exported CSV files, you need to ensure the columns in the CSV files are in the expected format for your Password Lists – each Password List can have different fields.

The easiest way to determine the expected CSV file format is to do the following:

• Click on the ‘Import’ link for the appropriate Password List
• Click on the ‘Step 2 – Populate Template with Data’ tab
• Modify your exported KeePass CSV file to match the column specifications

Once you have modified the exported KeePass csv files to suite, you can perform a ‘Test Import’, and then the actual ‘Import’, from the tab ‘Step 3 – Import Data’ – the ‘Test Import’ button allows you to verify any data issues prior to importing.

We hope this helps any of our customers wishing to import data from KeePass into Passwordstate.

Regards
Click Studios