Hi Team,
We heard about Passbolt and we do have created a criteria sheet , we see that most of our requirements are covered , still we would like to get more info.
Below are our questions. We would really appreciate if someone from Passbolt can answer these
|1|Should be cross platform , should work on all OS - WIndows/MAC/Linux/mobile /IOS/web should have browser extensions |
|2|Should be on premises|
|3| Must be totally secure with -end-to-end and strong encryption, multi-factor authentication, and up-to-date security|
|4|Should have a user-friendly interface|
|5|Recovery option should be provided in case master password is forgotten
Recovery option should only work for group managed passwords and not individual passwords? No recovery is a sign of good security here.
More explanation: Recovery requires the central location to have the ability to decode it independent of the persons master password. So inability to recover without the master password means even the central location doesn’t have access to decode it, only the endpoint with the user’s password and the operations done on that password allow the decoding. That is a trade off.|
|6|Automatic Device Sync -when switching devices we should instantly find all up-to-date information on our vault.|
|7|Should be able to create groups|
|8|Should serve as a centralized repository to consolidate sensitive passwords. A strong vaulting mechanism, AES-256 encryption, dual encryption, and other standard good practices to ensure rock-solid data security.|
|9| Detailed reporting feature when required|
|10| Provision to transfer data only through secure communication channels via SSL/TLS.|
|11|A simple and powerful password generator that helps to generate a strong and unique password for each application based on the internal password policy.|
|12|Help users access the service from any device, operating system, and browser without any additional requirements.|
|13| Administrators should be provided with a powerful dashboard to carry out operations like user import, set user roles, policies, and grant and terminate user access.|
|14|Users should be able to share passwords with different levels of password-sharing permissions: view, modify, manage, one-click access only|
|15| Helps users quickly log in to their everyday apps and websites in a single click.|
|16|Works with identity providers and popular apps, and also offers APIs for custom integration if required|
|17|Admins can share a password with multiple groups and changing the password is reflected across all users + devices that have access to it|
|18|Rotating a shared password is reflected across all users + devices who have access to it|
|19|Passwords rotation should be easy or there should be some automation for same|
|20|Addition of new users should be easy and seamless|