Before I get to the issue, I want to say thanks to everyone who worked on this. It is quite fantastic. I just did my first install in my Scientific Linux 7 dev environment and have been tinkering around with it for the last hour. Great job!
Thank you for the time to read my proposed feature.
Q1. What is the problem that you are trying to solve?
The environment that I really would like to use this in is one with a team. I’m comfortable that Security will OK Passbolt. However, I know that the moment Audit comes to it they are going to ask to see the log history. Who requested what password when?
How difficult would it be to have a history on a password of user/date-stamp use?
If it is there already, I apologize but I couldn’t find anything about history or access log in the documentation. Nor did I see such a history in my exploration time today.
Q2 - Who is impacted?
I think any team environment where Audit cares to know that group passwords are not just checkout at will with out any recorded interaction.
Q3 - Why is it important and/or urgent?
I think this feature would be a fantastic step into supporting those of us in restrictive environments who have audit and security teams that watch us closely. Most of the other available options are either terrible or unfortunately moving towards cloud based access (which has many negatives, the biggest for us is being on networks with zero or extremely limited Internet connectivity - updates are sneakernet harddrives). Even for my SysAdmin friends in Universities, many of them are under increasing pressure for audit-controlled-password management systems.
Q4 - What is your proposed solution? (optional)
I don’t know how hard it would be, but if there was just a recorded history tab per password. I don’t think it has to be much. Just a
“$userA create on $dateA1”
“$userA updated URL on $dateA2”
“$userB copied password on $dateB”
“$userC updated password on $dateC”
That simple logging would go a LONG way to getting Audits buy off for us to move out of dev and into full use.
