Using the Password Manager

Majid Latif

Introduction

LogonBox comes equipped with a Secure Password Manager, which allows the creation and assignment of passwords, enabling organizations to share privileged account information with specific users, while also enabling end users to manage their own personal passwords. This articles covers the core concepts and behaviour of LogonBox Password Manager from end users, managing their own personal credentials, to administrators managing privileged passwords. 

 

Using Personal Passwords

Navigate to My Resources->My Passwords, to access the Password Manager page. The password table shows users all password personal passwords created whether from the My Password page or a personal Single Sign-On resource.

Each row shows the username associated with the password, clicking the green action icon allows the user to view the associated password or copy it to the clipboard. 

 

Create Personal Passwords

After logging in as a user, navigate to My Resources->My Passwords, and click Create on the bottom right of the Password Table.

This will open the password create from.

The information required is:

  • Username - the username for the credentials
  • Password/ Confirm Password - the associated password

These are the madatory items to create a password, additional details can be provided in the adjacent tabs, one of which, Options, is explained below.

 

Additional Password Configuration Settings

Time Options

You can set an expiration date for credentials from the Options tab either during creation of the password or editing a password.

Settings on offer are:

  • Expiration Date - the validity of a set of credentials after which, the password will no longer be available
  • Host Address - the hostname of where a credential will be used, this works in conjunction withSSO Browser Resource, the defined hostname restricts the password resource from being used anywhere else

 

Manage Passwords

The real power of Password Manager comes when the administrator creates and assigns privileged passwords to allowed users, the administrator interface can be located from Passwords on the left menu. 

To create passwords, the recommended way is to create folders, within which passwords can be created, both steps are detailed below.

 

Creating Structure

The best way to manage passwords is through creation of folders. To create a folder, right click on a folder you wish to create the new folder beneath, the folder clicked on will become the parent while the new folder, the child. 

With the new folder created, right-clicking on the folder shows the context-menu again allowing you to add passwords to this folder. 

The following information is required:

  • Username - the username for the credentials
  • Password/ Confirm Password - the associated password
  • Mode - How the user will see this resource
    • System Use - should be used when you do not want the assigned users to see the password (perfect for single sign-on resources where you do not want to show passwords to the user)
    • View Use - should be used when you are ok for the assigned users to view the credentials.  

The next item required before a password is complete is assigning it to an appropriate role. Select the Roles tab and select the roles to assign to. 

Passwords can have an expiration date, this is optional, details can be found in the section called, Time Option.

With the credentials assigned, any user in the assigned role will now see this new password in their password table but will only be able to view, copy to clipboard, not edit or delete the password. 

 

Bulk Assignment

To speed up the assignment process, passwords within a folder can be assigned in bulk. Right-click on a folder with passwords, offers the Bulk Assignment option. 

This opens up a dialog allowing you to select the passwords resources to include and which roles to assign these passwords too.

In addition the final tab, Options, allows you to define how the assignement should be done.

  • Mode - how the resources should be assigned
    • Merge - combine this role with any other associated with the password
    • Overwrite - remove any existing roles first, before assigning these to the password

 

Conclusion

The article has shown just how easy it is to create passwords, for personal use and to share with a subset of users, perfect for providing access to sensitive systems.