Jump to content

Ability to View Password Lists Without Contents


segvp

Recommended Posts

We'd like the ability to grant a user the ability to view that a list exists, but not view any entries within the list. The ability for a user to see the existence of all lists seems to already be implemented in the "Request Access to Passwords" screen.

 

This already seems to be partially implemented by granting view only access to a list, and enabling "Hide Passwords from users with the following permissions: View" which will allow the target user to open the list, see all data, but not be able to read or open any password:

image.thumb.png.1dce597116b47964380c34aaddf64c25.png

However, this then requires any user that we want to show the password to, to have modify permission on the password (something we wish to avoid). Additionally, the only field that seems to be masked for a view-only user is the built in password field, so other sensitive data (TOTP token (?!), IP addresses, additional passwords, etc.) is all still shown and can be copied.

 

The goal would be to have something like the following:

image.thumb.png.d4bd32942323b4bd6ef893faad24df75.png

Then, a view user would be able to copy passwords and see fields, a modify user could modify, and so on.

 

 

Link to comment
Share on other sites

That screen shows what we'd essentially like to see, but we would like a user with this new view-type permission to see password titles only for this list, and without needing to navigate to that other screen. I mentioned this in my initial post because it seems like the logic to accomplish this feature request is already mostly in place, but is not intuitive.

Link to comment
Share on other sites

That's getting closer but still isn't what we're looking for, for two reasons:

1. We have a lot of lists that we wouldn't want to clutter the nav pane with. For example, say you have a few different office locations, and you'd like the IT team at each to be able to see the different password entries within their folder (for example, to use it as an inventory of equipment and to see IP addresses, etc.). One wouldn't want different teams in different offices to see every list all the time.

2. This doesn't allow a user to see anything in the list, which is a useful feature but in this case we'd like the entries visible.

Link to comment
Share on other sites

  • 3 months later...
  • 11 months later...

You need a "List Permissions" setting, so that a user can see/open a record, but they cannot see password fields.  Our biggest problem is that, because users doesn't know that credentials exist (because they weren't previously given access to them), they have new ones created.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...