Other IT Services

Password Manager

The Information Technology Office’s Password Manager is a self-hosted password management service that stores secure notes, login credentials, passwords, and other sensitive information securely in a locked vault. All secret and vault data is encrypted before storing them in the database.

The password manager is hardened through disabling registration, reverse proxy, and using HTTPS, among other things. Users can only create accounts in an invitation-only setup, and can only view passwords shared in an organization when allowed and invited. The user’s email address and master password can be changed in the account settings page, but there is no way to reset the master password once forgotten. The users can opt to add a master password hint to be sent to their registered email in the case where they forget their password. Once locked out, your master password is not recoverable and cannot be changed – even by the system administrators. Thus, it is extremely important to create a strong master password that you will never forget.

All passwords stored in your personal vault cannot be viewed and modified by any person other than yourself. Only you can see and manage these passwords. Passwords shared in an organization can be accessed by users with permission to view such passwords. Therefore, there may be passwords shared in an organization that cannot be viewed by other organization members.

Contact the office for access to the password manager.