Password Manager with web access

Our company uses dozens of servers running hundreds of services. They are set up and administered by different people who may get sick, switch to another project or resign. Already more than once a situation arose when it suddenly turned out that no one knows the password from this or that database, web server or other resource requiring authorization. In this situation, there is only one way out - a single password storage server.

The choice of software was complicated by the fact that a solution was needed with the possibility of installing on a local server and specifically under Linux. Finally, after a long search, I installed and tested TeamPass - Collaborative Password Manager. This product fully satisfied my needs for centralized password storage. I will not describe the installation. It is quite simple and described in some detail here . My goal was to tell about the solution that I have been looking for. Perhaps someone will also come in handy.


The first thing that meets us is the authorization window in which you can set a time limit for the session. By default it is limited to 60 minutes, but this value can be changed.

')
If the selected time is short, you can easily extend the session.


The main, working interface of the program is functionally divided into two panels. In the left - resources, in the right - the contents of resources with passwords. For creating and editing operations, use the panel in the extreme right part of the window. For settings and program management - the top panel. The interface is almost completely translated into Russian. True, there are errors in the translation, but they can be easily corrected in the includes / language / russian.php file


The user has three basic levels of rights: Administrator (as interpreted by TeamPass God :)). Manager - can create folders and create passwords within the allowed directories. And a simple user Read Only, who can only watch the allowed objects, but can not change anything.


On the "Role Management" tab, you can configure the visibility of folders for a group of users.


The storage structure itself had to adapt somewhat. Personally, I need to store passwords for servers, and there can be several passwords. Therefore, storage was organized as follows: the server itself is a folder, and already passwords are objects.


You can view the hidden password by clicking the button with the image of an eye.


Passwords can be generated in the program itself by choosing the desired level of complexity.


Also, when creating a folder, you can force the complexity of future passwords. The user can not create a password more than a simple level.


From personal feelings. Of course, the program is not without rough edges, but on the whole it is satisfied. If someone tells you a better option, I will be more than grateful.

At the end of a small note. Because the server will contain the most valuable information, I strongly recommend taking care of its security. Set a complex login password, disable the admin user, do not release the server to the Internet, give access to a limited circle of people. Do not be lazy to screw the SSL certificate. And not self-signed, but trusted. Especially since there is a way to get it for free . Not superfluous, I would even say mandatory, will drive the server through security scanner tests, such as Nessuss or Metasploit.

UPD: The keen eye of the respected UksusoFF noted the ability to import from a CSV file or KeePass XML.