Reporting on user vault conformity
0 vote
Hi, we were looking into the reports and we notice there was no way for us to have a report on the user vaults.
I understand the need to keep them separate and inaccessible for others, including the admins, but it would be beneficial to at least be able to report on them.
Did our users really created "complex", "recommended strength" or followed company policy passwords ?
Did our users did some "password reutilisation" in their vault ?
Did our users changed their password since X days ? (password rotation)
While the shared vaults do enables us to be sure those passwords ar OK, more and more platforms are using a "user based" (1 account per user) then and "enterprise based " (1 account for the company/group of users) authentication. The fact that we don't know if the "user" password is following the basic company requirements is sort of a blindspot which puts, potentially, data at risk. (at least from our point of view)
All Comments (1)
Hello,
Thank you for your suggestion. I understand your request, but we have something that could help you to be sure that users use strong passwords. It is possible to configure a password template on your system and force the password to respect that template when users create a new password in their user vault. If your system is configured that way, you will be sure that all user's passwords will be strong. Is it a configuration that you already have in your installation ?
Here is where you can configure those settings
Best regards
François Dubois
333462d4-f608-4335-a0ce-d24182d79102.png