Jump to content

KingIsulgard

Recommended Posts

Hi,


I have recently begun setting up passwordstate in our company and am quite new to all of this.

Now I would like to know if the following use case is possible, and how to achieve this.

 

Sometimes we have external consultants coming in, for a limited amount of time.

They would require access to our systems and thus temporarly require account passwords (usually 'the' or a Administrator account) to log in.

 

Is it possible, with passwordstate, to generate a temporary password which will only last a given period of time? 

 

What would be the best way to tackle this use case? How are other companies resolving this?

Link to comment
Share on other sites

Hi Kinglsulgard,

 

Thanks for your interest in our software and we do have a couple of options that you can try to resolve this problem:

 

First solution:

I don't think this is what you are after but we have a feature called remote session launcher.  This allows you to remote into machines on your network without the need to enter a username and password.  You could give your contractors access to this feature, and they do not even need to know the password.  This means they will connect to the machine using a username and password that you have pre-configured, and they can then perform their work.  As long as they don't need to know the password to do their work, this might be a good option for you.  

 

Here's how to set up the Remote Session Launcher:  https://www.clickstudios.com.au/community/index.php?/topic/2110-how-to-set-up-the-remote-session-launcher-passwordstate-8/

Here's how to use the remote session launcher without even knowing the password:  https://www.clickstudios.com.au/community/index.php?/topic/2112-remote-sessions-without-access-to-password-credentials/

 

 

Second Solution:

Give the user Time Based access to the individual password, and force the password to be changed once that access runs out. To do this, go to the permissions on the password from the Actions Menu:

2017-12-07_8-08-38.png

 

And then choose the user to grant access to on the access permissions tab, and then on the time based access tab do something like this:

2017-12-07_8-09-21.png

 

If you take this one staep further, and set up the account for automatic password resets, passwordstate will also reset the password on the remote system.  An example of this is if you are giving your contractor access to a privileged Active Directory Account, when their time based access runs out, it will reset the password in Passwordstate, and also it will reset it in Active Directory, keeping them in Sync.  Please see this forum on how to set up automatic password resets for remote systems, and the Active Directory link is down the bottom:  https://www.clickstudios.com.au/community/index.php?/forum/31-password-resets/

 

Third Solution:

This may also be suitable for you, our Password Check Out/Check In feature:  https://www.clickstudios.com.au/community/index.php?/topic/1687-using-the-password-check-out-feature/&tab=comments#comment-3368

 

 

Hope this helps!

 

Support

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...