- Create Active Directory users with Power Automate for Desktop - Mon, May 23 2022
- Azure AD certificate-based user authentication - Wed, May 11 2022
- Passwordless authentication with FIDO2 and Azure Active Directory - Mon, Apr 25 2022
Enterprise organizations today use dozens of services, if not more, including both on-premises and in the cloud. Good password hygiene requires users to choose strong, unique passwords for each account they possess. Unfortunately, when left without a tool to manage passwords, users tend to choose weak passwords and reuse them across accounts. Passwork is a password management solution that provides features for managing passwords across your business.
What is Passwork? ^
While the field of password managers is crowded, Password provides a solution that offers many features, simplicity of use, and platform management that appeal to users and admins alike. Passwork focuses on increasing the security and usability of corporate passwords.
It caters to organizations of all sizes, including:
- IT teams—Offers private and organization vaults, API for integration, user rights management, auditable history, and password security auditing.
- Small-to-medium businesses—User rights management, LDAP integration, and GDPR compliance.
- Enterprise organizations—SSO authentication, clustering, and failover for HA, and deployment flexibility to multiple sites.
The Passwork solution is offered in two options. Organizations can choose the option that fits their specific business needs and management policies. There are two types of licenses:
- Standard license - for organizations that do not require integration with SSO, mapping LDAP groups with roles, installation in branches and several other features.
- Advanced license - for organizations that need the full set of features for password administration, as well as a personal manager.
Keen on security ^
One of the key requirements for organizations adopting a password manager solution is security. But when it comes to the self-hosted version, security in general is clear, because here it all depends on your company.
Passwork embraces security best practices related to encryption. All data are encrypted using the AES-256 algorithm while being securely stored on your server and managed only by system administrators. Passwork runs on PHP and MongoDB and can be installed on Linux and Windows with or without Docker.
Using Passwork password manager ^
Passwork provides one of the easiest ways to demo the product I have seen and, frankly, one that I wish more vendors would follow. The Passwork online demo is a fully featured representation of the solution that allows complete testing from both a user and a management perspective.
If you want to demo the product on-premises, you can still do so. Passwork also makes the on-premises testing extremely easy by providing a Docker image that allows you to quickly stand up the self-hosted demo version of the Passwork solution on your own server with just a few clicks.
I will be using the online demo for the following screenshots of using and interacting with the product:
The online demo provides demo data to work with and use. One of the first impressions of the Passwork dashboard is the simple, uncluttered interface. It provides a modern look and feel with a streamlined and intuitive interface.
As you can see below, Passwork has the concept of an organization vault and a private vault. Only the owner has access to the private vault, while the access settings determine access to the organization vault. The distinction between the private vault and the organization vault allows users to have their own private area to store their passwords in addition to the shared organization vault location.
Passwork supports a dark mode interface as an option for fans of dark mode, and it is easy to switch between dark and light. The “Settings and users” button in the upper left-hand corner allows access to Passwork's menus and configuration management.
The experience and interface workflow for adding password entries were intuitive and easy to use. Passwork also provides good visibility into the default or inherited permissions on password entries, as shown below.
You can send out personal invitations to specific users or generate a hyperlink to share with multiple users simultaneously.
Below, after you click the “Settings and users” button in the left corner, you will see the various account-specific and management options shown to the admin user.
Below are the Passwork settings for the organization. Passwork allows a great deal of customization to the policies configured for your organization, including who can sign up, access to vaults, password sharing, two-factor authentication, and many other settings.
Below is a look at the authorization and two-factor authentication configuration settings.
Many in the enterprise may want to integrate the solution with Active Directory for a single "source of truth" for user accounts and access. Passwork allows quickly adding your LDAP server to the configuration of the solution.
Passwork can also integrate with custom identity providers using SSO. For example, you can configure your entity ID and assertion URL, among other SSO settings.
One of the nice features Passwork offers is its security dashboard. Using the security dashboard, admins can analyze the security posture of passwords in use in the environment. It displays a summary of information about the security of the Passwork system, including:
- Weak passwords
- Old or expired passwords
- Risks—potentially compromised passwords
Password also has full activity logging built into the solution. Events occurring within those vaults of which you are an administrator are displayed in the activity log. After you select an event, you can view the author or go to the password itself.
With the export and import data functionality, you can export and import data in a CSV or JSON file format. When you export the JSON format of your Passwork password vault, it will save the entire structure of vaults and folders. As shown below, you can also export data in a granular way by choosing vaults and folders.
Browser extension ^
I'd also like to note that Passwork has an excellent browser extension that gives you access to most of the most essential features of the password manager.
The extension automatically offers authorization data when you log in to sites, and also gives you the option to save the password you entered when you registered. In the extension itself, you can open a list of all your vaults, add and edit passwords, and use a customizable password generator.
Wrapping up and impressions ^
Passwork contains many great features that will most likely satisfy the requirements of organizations of various sizes. In this overview, we have only scratched the surface of its functionality. I have used many of the password managers on the market today. Passwork was a refreshing experience, working with the interface, managing entries, and defining settings for the organization in the demo environment.
Password management solutions do not need to be complicated. Complex and challenging solutions stifle adoption by end users. The Passwork solution is a great example of how to create a password management solution that bolsters organization password security and embraces simplicity at the same time.
Subscribe to 4sysops newsletter!
Learn more about Passwork, use the demo environment, or download a self-hosted demo by visiting their site here.