Hello there Keepass fans,
We have been using Keepass but needed a multi-user system to use here in-house. I mean real multi-user (something that management could decide who gets which passwords and such). The problem? Much like many of you, we liked Keepass too much to switch to anything else (we didn't want to lose the browser plugins, etc).
Anyways, this post is to basically announce that our company put together a server that works with the Keepass front end. It's called "Pleasant Password Server".
We have been using it internally but we now offer if for sale to see if others would find it useful too. Its free to try for 2 users and up to 20 secrets.
If anyone gives it a shot, send us some feedback, we'd love to here what the Keepass community thinks of it. Naturally, we will try to accommodate feedback as quickly as possible.
Thanks,
Thomas from PleasantSolutions.com
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi Paul, nice hearing from you! There are many aspects of the system's security that could be talked about.
One example security measure we took is that we use secure certificates and if the client connects to some other server, it would warn the user that it is a different certificate. This protects from server spoofing to get the user's login information.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
That is good from a server spoofing perspective, but how do you secure the database on the server, yet make it available via different passwords and levels of access?
cheers, Paul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The server itself serves as a middle-tier, so the client applications don't access the database directly. This allows the middle-tier to check for permissions before passing back requested data.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I can see this being used a lot, but you need to be able to reassure users that the software is secure and your web site doesn't say much about the database or security.
cheers, Paul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2011-10-13
We would definitely have an interest in this. I have been looking for a solution that uses a KeePass type client but allows different groups of passwords to be shared with specific groups of users from a central server. Thanks for making this available to others!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2011-10-24
This sounds like just the functionality I have been looking for. Its a shame however that this solution does not follow KeePass in being open source.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hey Fred, I have been trying to understand what you meant by "removed the template functionality", but haven't figured that out yet. Can you say a bit more about what you meant?
As far as I can tell from the KeePass site, there is a plug in that allows people to modify templates… is that what you have installed?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
@pleasansol
If you go to the file menu in the regular client you will see an entry for database settings. In that dialog box there is the advanced tab. On that tab there is a setting to set a specific group to be used as a template group. When you create a new secret from the toolbar it will show all of your templates and you can select one of them to base your new entry off of.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello there Keepass fans,
We have been using Keepass but needed a multi-user system to use here in-house. I mean real multi-user (something that management could decide who gets which passwords and such). The problem? Much like many of you, we liked Keepass too much to switch to anything else (we didn't want to lose the browser plugins, etc).
Anyways, this post is to basically announce that our company put together a server that works with the Keepass front end. It's called "Pleasant Password Server".
We have been using it internally but we now offer if for sale to see if others would find it useful too. Its free to try for 2 users and up to 20 secrets.
If anyone gives it a shot, send us some feedback, we'd love to here what the Keepass community thinks of it. Naturally, we will try to accommodate feedback as quickly as possible.
Thanks,
Thomas from PleasantSolutions.com
I forgot to mention the link to look at the Keepass compatible password server is http://www.pleasantsolutions.com/PasswordServer/
I see you have strong security on the server. How do you manage multiple passwords and a secure back end?
cheers, Paul
Hi Paul, nice hearing from you! There are many aspects of the system's security that could be talked about.
One example security measure we took is that we use secure certificates and if the client connects to some other server, it would warn the user that it is a different certificate. This protects from server spoofing to get the user's login information.
That is good from a server spoofing perspective, but how do you secure the database on the server, yet make it available via different passwords and levels of access?
cheers, Paul
The server itself serves as a middle-tier, so the client applications don't access the database directly. This allows the middle-tier to check for permissions before passing back requested data.
I was hoping for some more feedback in terms of if anyone sees a need for this in the Keepass community, etc. Any thoughts anyone?
I can see this being used a lot, but you need to be able to reassure users that the software is secure and your web site doesn't say much about the database or security.
cheers, Paul
We would definitely have an interest in this. I have been looking for a solution that uses a KeePass type client but allows different groups of passwords to be shared with specific groups of users from a central server. Thanks for making this available to others!
This sounds like just the functionality I have been looking for. Its a shame however that this solution does not follow KeePass in being open source.
This sounds like it has a lot of potential. Active Directory integration would be awesome for this product.
Looks like you folks removed the template functionality. That would be nice have as well.
Hey Fred, I have been trying to understand what you meant by "removed the template functionality", but haven't figured that out yet. Can you say a bit more about what you meant?
As far as I can tell from the KeePass site, there is a plug in that allows people to modify templates… is that what you have installed?
@pleasansol
If you go to the file menu in the regular client you will see an entry for database settings. In that dialog box there is the advanced tab. On that tab there is a setting to set a specific group to be used as a template group. When you create a new secret from the toolbar it will show all of your templates and you can select one of them to base your new entry off of.
I see. Thanks Fred. Any other feedback you may have would be appreciated as well, so feel free:-)