I was thinking recently that we need some tool where we store our team’s passwords for all the different logins we have.
Few requirements what I came up with:
- The server or the password file needs to be hosted on our network
- There needs to be mechanism to share passwords within specific persons or groups
- If possible no extra cost or the cost is minimal
- Copy to clipboard needs to exist
I reviewed few different products for this.
Team Password Manager: http://teampasswordmanager.com/
-Free for two users
-Hosted locally
Vaultier: http://www.vaultier.org/
-Free
-Hosted locally
Passbolt: https://www.passbolt.com/
-Free
-Hosted locally
Each of them has some specific features and I started with Vaultier. I was trying to install the docker version to our Oracle Enterprise Linux and didn’t get it working at all. Same happened also with the Python package. Shame! It seemed like a really nice product and might be I will try it further at some point.
As next option I decided to go with Passbolt. The reason I wanted to try it out next was the two user limit with Team Password Manager. Passbolt is still on alpha stage and while there are installation instructions under https://www.passbolt.com/help/tech/install it still required lot of work to get everything sorted out.
All the php modules and gnupg packages required some additional work. Good help on resolving those were earlier install link and also https://www.svennd.be/installing-passbolt-on-centos-7/
After couple days of resolving different issues under OEL 7 I got it running. It needs a plugin installed to chrome or firefox and a master password for your user.
After login you can just create new passwords and then share them with other users. Also you can set privilege for the other users if they can edit the passwords. Here is how the main page looks like(I removed some of the detailed info from resources):
Some good things with Passbolt are:
+Search is fast and simple
+Login with master password
+Clicking the password shows you owner and who it is shared with and description
Some features I would still like it to have:
-Add people to groups. For us this is not so relevant as we have only one team but having multiple teams and clicking the password for each user would be time consuming
-Although it says master password is remembered for 5 minutes it still asks it each time. Annoying!
-Add passwords to folders. Now the search works easily so when you are adding the password you need to think of naming convention. But if you would have folders you could also browse them and not have the full list coming up after login
If you look on the roadmap they have some of these already under work: https://www.passbolt.com/roadmap.
So small improvements and this would be even better! Still I’m happy with the functionality it has and we will keep using it as it fits our purpose nicely. If you need something similar its definitely worth on testing.
I found passbolt not to be production ready to be honest, I tried it, never showed my colleague’s as there are to much links to passbolt webpage and this is confusing to me… I hope they continue to develop it, as it shows some real promise. I will try Vaultier, did not know that, thanks for the tip. Good read.
Yes I agree. Specially the installation is way too complicated and some administrative features could be easier too. I think we will use it for now as we are just one small team and see how they improve it over time. Probably if you have more than 5 users it comes quickly quite challenging to keep up with all passwords.