Sunday, March 20, 2011

Meet WebPasswordSafe

WebPasswordSafe v1.0 was quietly released two months ago, and the feedback has been great so far.  Time now to publicize to a wider audience.  For first time users or administrators considering adoption, although there is ample documentation to read (AdminGuide and UserGuide), oftentimes screenshots can give a quicker and clearer picture.  So please join me while we take a quick visual walkthrough of the basic features of WebPasswordSafe!

First is the login screen.  Simple but the strength is in a multitude of authentication plugins on the backend to integrate into your existing environment or use the default.

The first task of an administrator is often to create users and groups for those who will use WebPasswordSafe in the organization.

Setting up new users and updating existing ones are a breeze.  Administrator role can also change user's passwords if using local authentication.

Creating and updating groups is similarly easy to model after your organization.

From the user-friendly interface, you can add/remove users from the groups screen...

...or add/remove groups from the user screen.  Also disable (rather than delete for audit reasons) user accounts from being able to access WebPasswordSafe.

As a regular (non-administrator role) user, the user interface will change slightly and you will spend most of your time adding, searching for, and viewing password entries.

Adding/updating a password entry is a powerful screen.  Give each entry a unique title, username/password credentials (or invoke the generate password plugin to create a new random one based on complexity policy you set), friendly one word tags for categorization, other notes, and how many historical iterations of the password to keep.

Beyond a password entry's basic attributes, you'll want to also change the default permissions (GRANT to logged in user) to share in either read/write/grant mode to other users or groups in your organization.  Fine-grained access controls on each password entry to share with members of your organization is a key feature of WebPasswordSafe.

Searching for existing passwords you have access to is easy using the simple main search screen.  Search based on text in the password title, username, notes and/or by tags, choosing whether to include inactive (deleted) ones or not.

Once you find the password entry you want, you can quickly access the current password value by double-clicking the row's password column to produce a pop-up screen containing the decrypted value to conveniently view or copy/paste.  Alternatively you can double-click any other column of the selected row to bring up the view/edit password screen.

View Password History is an option from the password screen. It displays all past password values for a particular entry based on the max history value you've set, when they were created and by whom, and copy/paste ability.

View Access Audit Log is another option from the password screen.  It displays a complete audit log of each time users have viewed the password entry's decrypted value.

Oftentimes you will find yourself applying the same set of permissions to multiple password entries.  If the set of permissions is large, you may find yourself clicking a lot.  To make this faster, you can create a permission template once, and easily apply it to multiple passwords- less clicks!

Create your permission template using a similar easy-to-use interface as when applying permissions to password entries.

Now when editing password permissions, you can Add Template to apply a whole set of permissions at once, rather than one by one!

Depending on your role (user or administrator) you will have different reports available to you, in both PDF and CSV format.

Users Report (PDF format)

Groups Report (PDF format)

Password Access Audit Report (PDF format)

Password Permissions Report (PDF format)

Current Password Export Report (CSV format)
Good for offline export and keeping in a locked safe for disaster recovery purposes.

Finishing up the few last features- easy access to Help documentation...

...the About screen...

...change password and logout.

Change password screen, if you are using the default local authentication plugin.

And that wraps up the client-side features of WebPasswordSafe v1.0.  The simple user-friendly front-end, combined with a secure, flexible, multi-platform, and highly configurable back-end makes WebPasswordSafe the ideal multi-user enterprise password safe/manager for your organization.