Password Hub - Private Key Storage Method Enforcement
0 vote
Currently, when a user enrolls to the password hub, they need to choose the Private Key storage method and can choose between mobile device, QR code or password.
It would be interesting for the administrator of the hub to be able to enforce the use of a certain method (e.g., mobile device, which is more secure than other options).
This could be managed in the users administration and different enforcement could be selected for different group or users or specific users.
For example, I would like to force all users to use a mobile device except 2 users who do not have a company issued phone, who I would like to enforce the use of a password.
All Comments (7)
Hello,
Thank you for your suggestion. It's currently not planned to allow administrators to enforce a storage method. We'll be keeping an eye on this thread to see if there's any additional interest or input on this idea. We value your thoughts, and it would be great to hear from others as well.
Have a good day!
Maxime Morin
Hi Maxime,
I think this could be an interesting feature for us as well.
For us personally it would be easier as a global setting as we have over 600 users.
We're currently struggling a lot with users who did not pick mobile phone and then forgot their master password or lost their QR code and then we we have quite some work to get these users up and running again.
Kr
Iris
Hello,
Thanks for the feedback, I've created a task for this in our backlog.
Have a good day!
Maxime Morin
Hello,
Thanks for the feedback, I've created a task for this in our backlog.
Have a good day!
Hello Maxime,
Any news on this feature development and the position in your backlog ?
Best regards,
Florian
Hello Florian,
Thank you for the follow-up. It's not planned for any releases yet, but the issue is still in our backlog.
On a side note, we recently released the encryption service which greatly simplifies the onboarding process and removes the need for a private key on users. Let us know if you want more information.
Have a good day!
Maxime Morin
Hello Florian,
Thank you for the follow-up. It's not planned for any releases yet, but the issue is still in our backlog.
On a side note, we recently released the encryption service which greatly simplifies the onboarding process and removes the need for a private key on users. Let us know if you want more information.
Have a good day!
Hello Maxime,
Thank you for the feedback! Any information on that encryption service would be welcome, let me know how we can arrange that.
Best regards,
Florian
Hello Florian,
Sure, here's a link to our 2024.1 blog that describes the encryption service.
https://blog.devolutions.net/2024/03/whats-new-in-devolutions-hub-20241/#new-single-sign-on-sso-self-hosted-encryption-service
If you want to proceed with the installation without the Azure Template, you can read our documentation.
https://docs.devolutions.net/hub/web-interface/administration/configuration-security/authentication/encryption-service/
If you want to proceed with the installation from an Azure Template, you can read this topic while we are working on that documentation.
https://forum.devolutions.net/topics/41546/getting-prompted-for-devolutions-authentication-after-allready-signing#189318
Have a good day!
Maxime Morin