Reporting Passwords about to Expire

In previous blog entries we’ve run through setting up Scheduled Reports to alert Security Administrators and users when particular events occur.  The previous examples focused on alerting an intended audience when extremely sensitive password credentials, say for an organization’s primary bank account, were accessed.  However, you can also setup a Scheduled Report to notify an intended audience when password credentials are about to expire.  But wait…there’s more. 

You can use Passwordstate to share information, based on assigned roles and permissions and with full auditing of access to this information.  This can include information relating to,

  • Alarm/Door Codes
  • Credit Cards
  • Software Licences
  • SSL Certificates

Passwordstate provides built in templates for these, and you can create your own for things like hardware or software maintenance contracts etc.  The details on what else you can record can be located in a previous blog entry here.  Once you’ve got information and/or password credentials in Passwordstate, you can setup Scheduled Reports to notify you when they are due to expire.

Setup Report for Passwords about to Expire

Like with the previous blog examples, we’re going to use the following account for this blog (yes – it’s still a fake account).  It does however enable us to report against it,

Next, we’ll setup a Scheduled Report by navigating to Reports->Scheduled Reports as per the screenshot below,

and create a report called Passwords-Expiring-90 with the following options,

Note, I’ve elected to CC Report To one of my colleagues, Email Report As Embedded HTML, selected Do not send report if it produces no results and Selected Report Type as What passwords are expiring soon? You’ll also note under Report Description & Criteria it states to use the expiring passwords settings tab.  This is where you set the Password Lists and options you want to use.  I’ve selected the Password List called Website Logins, and the number of days in the future you want to include in the report, in this case 90 days.  You can also select if you want to include passwords that have already expired.

Then simply specify the time and frequency of the report on the Schedule tab, with options for One Time, Daily, Weekly or Monthly.  When the report has run, I receive an email as per the following screenshot,

Storing SSL Certificates and Reporting Expiry

Using the above example, being notified of passwords that are soon to expire, you can do the same for other types of information stored in Passwordstate. 

Here at Click Studios we store all our SSL Certificates, along with their expiry date in Passwordstate.  This enables us to run scheduled reports, advising what certificates are due to expire in the next 90 days.  I’ve included the redacted screenshots showing the SSL Certificate entry for our QA (Quality Assurance) environment below;

and the copy of the certificate,

and the rest is as simple as the steps in the first example.  Doing this we never get caught out with certificates expiring on us without notice!

As always, we welcome your feedback via