Password and My Vault expansion
F
Forthcoming Albatross
We have not been able to retire our team's password manager as of yet with hudu, besides a level of trust and security auditing that would be required there are key features missing. Up until now, we only insert passwords into hudu that are expected to be visible to the end customers for break the glass situations or implementation and provisioning needs. We would love to have less tools, especially ones that eliminate the need for so many point solutions like a typical third party password manager.
[Secure Password Management]
- Not just passwords, we need 'types' of secured items. Call it the Client or Customer Vault.
Each has its own specific fields per the type.
-- SSH Keys (Currently a custom asset in our Hudu instance.)
-- API Keys (Currently a custom asset in our Hudu instance.)
-- Card info (credit/debit)
-- Login (very similar to current password item)
Passwords for logins should allow for multiple website URLs. Have a '+ Add website button', so that the Hudu browser extension can be more helpful. The UI would just show each URL added.
URL Matching method, should be customizable to each URL.
- Default match base domain.
- match host
- exact
- Never match option
- Starts with
- regex
General needs for both areas:
- Passwords should have change history available in the UI.
- Full audit logs of changes, including creation and removal that are easily accessible to hudu admins.
- Some secure items such as break the glass passwords should not be easily changed, without specific admin rights. Internally for example, we have in our password manager multiple credentials that are only for DR or worst case situations that are only visible to owners and top management. employees and contractors have zero access, similar to having these credentials printed and laminated and place in a physical safe.
[The My Vault Section of Hudu]
- Need folders and Categories
- Exact same functionality as the secure password functionality.
- Need ability to relate My Vault Items to assets in Hudu, that are only visible to the My Vault User.