Azkabahn

When you are adding Webhook in slack, user can choose where to post messages. It can be a direct message to a specific user, but not really makes sense. One webook cannot post to multiple channels or multiple users. So best practice is to have a dedicated alert/notification channel. In terms of the content, it could be the same as in email templates (i assume) already.

mostly we use this https://slack.com/apps/A0F7XDUAZ-incoming-webhooks It's very simple, you add this to your Slack workspace, you get API key which in turn put in the third-party app. Of course, that third-party must support sending notifications or whatever is needed to slack.

+1 for slack webhook

any update on this?

Hi, yes I am aware of that. My request was that this would be done via the Administration panel. I would like to have an option to select several password lists and run the scan.

Hi, would you consider adding additional functionality to Self Destruct Message as selecting a different email template? Currently, there is only one available "Self Destruct Message Email", it would be great if you could have a few different email templates for that.

I had a similar idea as well. Unfortunately, it doesn't work in our case since self destruct is places in DMZ zone and will be used to send out URLs outside organization. While the main PasswordState is placed in infra segment with no access to outside. Another question, I haven't had time to test it, but what if we simply use round-robin dns technique? Would PasswordState understand and return the message content?

Hi, I will use this topic instead of creating a new. I hope it fits under this topic. In the administration area, it is possible to run a global report against haveibeenpwned database. The problem I face is that currently, I have 22167 password records in the database. When I click on that report, the whole PasswordState application crashes and gives 503 error. Perhaps an idea for future release to introduce batching or an option for the administrator to pre-select password lists? The latter would be more suitable as in our case you usually want to get a report on specific password lists that are managed by specific people.

Hi, i was wondering is it possible to run Self Destruct in HA mode? The documentation only points out a possible issue with running PasswordState in HA. I have deployed a totally separate windows server in DMZ where I run Self Destruct.

Hi, yes, it works on linux/mac if your machines are joined into AD

+1

Hi, i would not say that you can use WinApi only from windows machines. We are using WinApi from Linux machines for quite some time and it works fine as simple as this: curl --ntlm -u "user:pass" "https://passwordstate_url/winapi/passwords/XX"

@SGauvin i think it's easier to put a proper health checks on your backend and then visualize in Grafana or any other similar systems. Next step would be to add alerting based on triggers. Also - put a dynamic DNS load balancer in front so you could easily switch between primary instance and HA. We have built all of it and we do PasswordState upgrades with 0 downtime.

+1

+1 Also it is difficult to understand the situation where a user is duplicated many times when you look at the permission list. For example: User A has modify permissions for Record A User A has view permissions for Record B I will have the same user displayed 3 times: 2 for above permissions, 1 record under the guest column. Perhaps it would be possible to separate such views? One for password list level, second for individual records?