Knightdragon89

Members
  • Posts

    13
Knightdragon89's Achievements

  1. When you activate the Active Directory actions, you get the following AD administrative options: 'Unlock this account if locked', 'User must change password at next logon', 'Disable this account', 'Enable this account'. I would love to see a 'feature option' that allows you to select one or more of these Active Directory options. I could greatly see allowing users the use of 'Unlock this account if locked', but because enabling the Active Directory actions option also allows 'Enable this account', I cannot allow this ability to users. Having a feature option to select which of these four to use (or not use) would open the door to its use.
  2. We have Passwordstate in an air-gapped (OT) environment. The Reset Portal sits on the edge of OT and is accessible from our IT environment. I would like to request an API for the Reset Portal which would allow a user to access the Reset Portal and pull an account from their private password list in the OT Passwordstate. So instead of forcing a reset when they could not remember their password, they would have the ability to pull their password from their private password list using an API call.
  3. With more users working from home, the request for dark mode has increased and I usually hear about it in the negative; as in, how come all of our other company web pages can use dark mode and this one cannot.
  4. How could I use TreePath to find all password lists associated under a root folder? We use root folders to segregate departments (a department can only see their root folder and within), so everything within a root folder belongs to X dept, and any reports would need to be generated within those confines.
  5. It's not enough to show what has or hasn't been used, that's an audit measurement. In compliance, regulations set a measurement, for example all passwords within a team's control (all password lists under a root folder) have to be changed within 30 days of a member on the team leaving the team, and then you have a report which captures all accounts within the team's control (all password lists under the team's root folder) with the last updated date to prove all accounts under the team were changed within the required 30 days from separation. Compliance reports prove the requirements were met. To say a password has or hasn't been changed is not enough for compliance. Compliance auditors want you to prove to them nothing was missed.
  6. I would like to request splitting the Admin role into content admin and permissions admin, OR adding a permissions role. Currently a password list admin can edit folder and password list content, but they can also change folder and password list permissions. We would like to control who has access to what folder and password list strictly through AD. But because an admin has the ability to change permissions inside PWS, we cannot make such a statement and pass a compliance or security audit. Simply saying we trust the admins is not good enough to pass a compliance or security audit, especially when there are fines for not being compliant. An alternative could be to increase the rights of the modify role as it currently does not have enough permissions to do all the functions needed; for example renaming a password list or executing bulk password changes on a password list. I'm not sure if changing the modify role or adding a new admin role is the best approach, but one or the other is needed.
  7. I would like to see more compliance reports in the reporting. The marketing page says there are compliance reports for NIST, PCI, HIPAA, NERC, and SOX; but I beg to differ. There is an audit section in reporting, but not a section for compliance, which can be and usually is different than auditing. Audit says show me what has been done. Compliance says show me the evidence that you actually did something and not just say you did. For example, if the requirement says all passwords must be changed every 90 days, don't just show me an audit of changed passwords, show me the last changed date of every password within a password list, or within all password lists contained within a folder. I'm having to meet NIST, NERC, and TSA compliance evidence reporting, and I'm having a difficult time doing so without writing reports using API, and even with the API it's a challenge. I would love to see more compliance-based reports in version 10, if possible.
  8. I need a way to list the password list IDs contained within a folder. We use the root folder structure to determine access control, and have a script that shows the last change date, for all accounts, within all password lists, within a folder. The key being within a folder. This script is very important to us as it's used to meet a compliance reporting requirement. We currently collect the password list IDs manually from the folder history export in the UI, and provide the IDs to the script using an inputs file. But this process is very labor intensive for the sec admins. A different export and inputs file is created for every root level folder, and has to be updated each and every time a user adds or removes a password list.
  9. The request is to have a report of passwords that have NOT been updated in the past X days. There are reports for passwords that have been reset, or have been updated, or will expire soon. But there are no reports that use the NOT logic; a listing of those which have not been done. The reason for the request is for audit or compliance, where you have an auditor that always seems to ask: "prove to me there are no passwords which have not been updated in the past X number of days".
  10. I'm attempting to install and I keep running into this error. I'm trying everything I can think of to minimize connection issues to the db, which is on the same box as the app, but I can't shake this error. Any thoughts as to the root cause and/or how to get past it? And I've tried multiple versions of mssql enterprise, mssql express, and of Passwordstate, all with the same results. So I'm thinking it's something dealing with .Net or ASP.net, but I'm not sure.
      Error Code = Thread was being aborted., StackTrace =
        at System.Threading.Thread.AbortInternal()
        at System.Threading.Thread.Abort(Object stateInfo)
        at System.Web.HttpResponse.AbortCurrentThread()
        at System.Web.HttpResponse.Redirect(String url, Boolean endResponse, Boolean permanent)
        at Passwordstate.Crypto.JoinSplitSecrets()
        at Passwordstate.SystemSetting.QuerySystemSettings()
  11. I get this same error during installation. I'm trying to remove all the possible causes. Any thoughts as to root cause?