Problem: After opening a support request, Devolutions Support confirmed that there is no way to centrally manage expiration. Each entry is individually entered and set to a fixed manually-entered date. This doesn't scale well when managing hundreds of passwords. Additionally, reporting appears to be insufficient.
1. Allow an administrator to set a global password expiration value in days
2. Similar to how permissions are inherited, allow folder groups to override and flow down values that are different from the global default
3. Allow individual entries to override folder group and global defaults with their own time-based (not date-based) expiration value
4. Allow the option to default password expiration to date of last password change + the password expiration value
5. Create a password expiration report that works for both Data Entries and Credential Entries showing passwords which are coming due for change
1. Midsized and large organizations can set maximum password ages by policy to a consistent value (for example 1 year)
2. Subsets of entries (either by folder group or individually) could have exceptions (for example 3 months or 2 years)
3. Entries would default to a policy value (if set) reducing administrative burden with manual data for potentially hundreds of entries
4. A single password management report would show both Credential and Data Entries, making the reporting much more accurate
Thank you for the request. I think it's an excellent idea. I will analyse what is missing on our side and try to integrate this for the next major release.