Introducing centralized device password management

Starting with v2.4.0 device42 would support centralized password management as part of the core offering. It doesn’t replace any personal password management or other enterprise level user password management systems(that can do logins automatically and change passwords automatically). It is basically for shared password management where you want to centralize network and device passwords in a secure fashion and share with only those admins who you authorize.

Security

  • Passwords are stored encrypted with AES256 encryption in the database(using a passphrase created by you).
  • Passphrase to encrypt the passwords is stored in file system in an encrypted format. (and not in database)
  • Now, http redirects to https by default, no clear text over the wire anymore. (You can add your own certificate too!)
  • Password is retrieved on html display page only when you click show password button(unless you are in edit password page).
  • Permission is per password(or row) based and you can be granular who can see and edit the passwords.
  • Backup file would have encrypted passwords only and passphrase would not be exported or part of backup. And backup file is encrypted as well. (Backup and restore is also a new feature in v2.4.0)

Search

You can search by username, device names or notes right in password list page for easy look up.
partial search terms are allowed. For security and or permission concerns, the search bar on home page doesn’t include search in the password fields.

v2.4.0 Preview is available upon request. Please send an email to support@device42.com(with your current version if applicable) and we would send you the download link. We are in process of publishing the release and the documentation.