Secure Password Management
Click Studios recognises the challenges faced by organisations in securing access to sensitive data, and with the release of version 4 of Passwordstate, you can now securely store passwords for individuals, and teams of people.

Track Personal & Shared Password Lists
With Passwordstate you can track passwords for individuals, or create Shared Password Lists to be shared amongst a team of people. Visual comparison of changes to passwords is also possible.

Security Administration
The Administration area of Passwordstate provides Security Administrators a set of tools for managing and reporting access to Passwordstate, and various governance related features.

Data Protection & Security
Passwordstate 4.3 brings many changes related to the security of your sensitive data, including AES 256bit database encryption, and code obfuscation.

Enterprise Scalability
With multiple Active Directory Domain support, and built on Microsoft's web and database platforms, you can scale your solution from a single user to the enterprise.

Track Personal & Shared Password Lists

With Passwordstate you can track passwords for individuals, or create Shared Password Lists to be shared amongst multiple people.
Password History

Changes to passwords, and associated account details, are kept for the life of the record.
Password Comparison

Compare history records for changed passwords, visually showing changes to fields.
Real-Time Password Change Notification

Users can elect to receive email notifications when passwords are added, editing or deleted from a Shared Password List they have access to.
Import and Export Passwords

Easily import or export lists of passwords for either safe storage outside of Passwordstate, or to reduce the amount of time adding new passwords.
Secure Access to Shared Password Lists

Shared Password Lists are controlled by granting access only to the individuals requiring access. The List Administrator role provides granular control over who has access, and who can modify a shared list.
Expiring Passwords Management

View expiring passwords in a calendar view, or elect to receive an expiring passwords report either daily, weekly or monthly.
Password Auditing

View real-time changes to personal or shared passwords.

Security Administration

The Administration area of Passwordstate provides Security Administrators a set of tools for managing and reporting access to Passwordstate, and various governance related features.
Auditing

End-to-end auditing reporting on 23 different types of events within Passwordstate, including which user made the change, and the IP Address of the computer they made the change from.
Customised Email Templates

All emails generated from within Passwordstate can be customised to your liking, and can be enabled/disabled as required.
Shared Password List Reporting

Security Administrators can now see and administer all Shared Password Lists. The passwords for the shared lists are not visible, unless the Security Administrator has elected to allow passwords to be exported as part of the export feature.
Password Strength Policy

Allows Security Administrators to specify criteria for reporting on the strength of passwords within Passwordstate. This provides users with visual representation of password strength, either when entering passwords, or in each of the grid views.
2nd Level Password Protection

To further secure the Administration area of Passwordstate, additional 2nd level password protection can be enabled.
Multiple Active Directory Domain Support

Passwordstate supports multiple Active Directory domains and forests, allowing importing of users, and cross domain authentication. User accounts can also be imported/exported from CSV files.
User Acceptance Policy

Security Administrators can elect to prompt Passwordstate users with a customised User Acceptance Policy, outlining to usage principles for Passwordstate. This policy can be a mandatory, requires acceptance from the user, or you can elect not to have a policy at all.

Data Protection & Security

Passwordstate 4.3 ensures the integrity of your sensitive data, by securing the back-end from system administrators, and the front-end from unauthorised access.
Encryption and Obfuscation

To protect the privacy of sensitive data, all passwords are stored within the database using 256 Bit AES Encryption, and sensitive code is protected by the use of precompiled ASP.NET pages and obfuscated .NET Assemblies. No longer can web or database administrators gain access to data they are not authorised to view.
Unique Initialisation Vector

Every instance of Passwordstate generates its own unique Initialisation Vector for encrypting data.
Automatic Logout Period

An Automatic Logout Period can be specified for inactive sessions i.e. if a user leaves Passwordstate open on the screen, it will be automatically logged out once the logout period is reached.
Integrated Windows Authentication

Integrated Windows Authentication provides a greater level of secure access to Passwordstate
Optional Two-Factor Authentication for Administration Area

Security Administrators can enforce a secondary login into the Administration area, protecting against System Administrators logging onto the Active Directory domain using the Security Administrators domain account, and gaining access to the Administration area of Passwordstate.

Enterprise Scalability

With multiple Active Directory Domain support, and built on Microsoft's web and database platforms, you can scale your solution from a single user to the enterprise.

Role-Based Access Control

Role-based access permissions in Passwordstate ensures only authorised access to sensitive data is possible, and governance of Passwordstate usage is well managed. Passwordstate has 4 key roles:

* Standard User - A Standard User has access to all features in the 'Passwords' section, but no access to the 'Administration' section
* Security Administrator - A Security Administrator has access to both the 'Passwords' and 'Administration' sections
* Shared passwords 'Standard Access' role can add, edit and delete passwords from a shared list, as well as view which users have access to the list
* Shared passwords 'List Administrator' role can, in addition to the Standard Access role, grant/deny access to the list for other users


Real-time Notifications and Auditing

Receive real-time email notifications when shared passwords change, and view auditing information for events relating to your access control.

For a list of audit events within Passwordstate, please click here - Audit Events

Active Directory Integration

Passwordstate leverages the investment your have made in your Active Directory implementation, and fully supports multiple Active Directory domains and forests.

In addition to importing user credentials direct from Active Directory, Passwordstate also uses the authentication mechanism inherent to Active Directory & Internet Information Services.

Compliance Reporting
End-to-end reporting ensures the governance of your enterprise's passwords are well managed, and reported when required. The following types of reports are available within Passwordstate:
* Exporting of User Accounts
* Exporting of Personal & Shared Passwords
* Exporting of Audit Events
* Shared Password List Access
* User Access to Shared Password Lists
* Password Strength Compliance