Jump to content

Password viewed emails to list admins only?


stuartsjb

Recommended Posts

Hello,

 

PasswordState looks great -- it's great to find a password sharing tool that keeps a decent audit trail. However I'd appreciate advice as to whether one particular configuration is supported.

 

I'm looking to implement PasswordState in a small team. Mostly, people only need access to a small number of passwords connected with their work. However if another system owner is away from work, anyone else might need access to a much larger set of passwords.

 

The 'request access' functionality doesn't make sense in this context: the whole point is that the people who would grant access will be unavailable when they need to grant it. I could instead give everyone access to all passwords, but keep the 'password viewed' notifications on. That will get annoying very quickly though: I don't want every member of my team to get a notification every time any other user views a password.

 

My ideal solution would be for 'password viewed' emails to go to the relevant list administrator(s) only. Is that possible?

 

Many thanks -- and have a great Christmas / New Year break, everyone!

 

Stuart.

Link to comment
Share on other sites

Hi Stuart,

 

Thanks for your kind words about our software - it's very much appreciated.

 

For your requirement, you might be able to use an Email Notification Group for this - let me explain how to do this:

  • Go to the screen Administration -> Email Notification Groups
  • Create a notification group, and disable the 'Password Viewed' notification
  • Then apply permissions to which users these emails will be disabled for - which based on your requirements would be non Password List Administrator users

Do you think this would work - it really depends on what sort of mix of users you have setup as List administrators? If this isn't an option, we'll try and think of something different.

 

We hope you and your family also have a merry Christmas and save New Year.

 

Regards

Click Studios

Link to comment
Share on other sites

  • 2 weeks later...

Hello!

 

Thanks for getting back to me so swiftly -- sorry for my delay in replying, whilst I was away over Christmas!

 

Your suggestion would certainly be an improvement: that way only system owners would receive notifications. However it's not quite what I have in mind -- though I suspect my ideal scenario isn't currently possible. Let me explain a little better.

 

Say we have a department of ten people: Alison, Bob, Clarissa, David, Ethel, Fred, Georgina, Harry, Jackie and Ken. That department has three core systems, which I'll call System X, System Y and System Z.

 

  • System X is managed by Alison, and is used routinely by Alison, Bob, Clarissa and David. All of them have personal accounts on the system, but there's also a generic admin account -- the details of which are stored in PasswordState.
  • System Y is managed by Ethel, and is used routinely by Ethel, Alison, Bob, Fred and Georgina. Again, all of them have their own accounts on there, but the details of a generic account are in PasswordState.
  • Finally, System Z is managed by Harry, and it's routinely used by Harry, Alison, Bob, Ethel, Jackie and Ken. As before, only the details of a generic admin account are in PasswordState.

 

Now, I want the entire department -- all ten people -- to be able to access the generic admin account details in an emergency. Most people won't care or need to know that this has happened, but the server owner should get a heads-up (so they can check that nothing has gone wrong in the process, and that the use was legitimate, and possibly to reset the generic account password).

 

In PasswordState terms, I want the list administrator to receive a 'password viewed' notification, but not all list administrators -- just the relevant one in that case. This becomes increasing important the more applications we add: we risk spamming everyone in the team (as many people will have 'manager' status for one or more applications) every time any password is viewed, and then I think the alert will become less effective.

 

Does that make sense?

 

Best wishes,

Stuart.

 

 

Link to comment
Share on other sites

Hi Stuart,

 

Thanks for the detail, and yes it definitely makes sense. As you've suggested, unfortunately it's not currently possible, so we will need to log a feature request for you and work on a solution for this issue. We'll let you know once we've come up with something.

 

Regards

Click Studios

Link to comment
Share on other sites

  • 1 year later...

Hello! @support -- just wondering whether this feature request is still in consideration (or even if I've missed it being released!). Realise that you'll be juggling lots of requests for everyone's individual use cases, but this would have the advantage in allowing us to use PasswordState rather more widely than we do already. As a reminder, the core of the issue is being able to specify, on a per-list basis only, the people  who should receive 'password viewed' notifications.

 

Many thanks!

Stuart.

Link to comment
Share on other sites

Hi Stuart,

 

Sorry, but we have not started on this request yet, and we currently have over 100 other pending feature requests that we are trying to work through. Maybe a workaround in the short-term is:

  • On the screen Administration -> Email Templates, disable the template 'Password Viewed'
  • The under the Reports menu, create a Custom Auditing report for this event - you can schedule this as often as you like, and you can also filter on certain Password Lists if you like.

I know this is not ideal, but possibly a work-around.

Regards

Click Studios

 

Link to comment
Share on other sites

  • 8 months later...

+1 for that Feature Request :-)

Have the same need to have some specific people informed on password viewed events (or maybe password checked out).

 

Other PasswordStores have that function called like sth. "sealed" or put a seal on a password - and inform if a user when the seal was broken.

 

Kind regards,

Constantin

Link to comment
Share on other sites

  • 4 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...