Chatta subito con l'assistenza
Chat con il supporto

One Identity Safeguard for Privileged Passwords 8.0 LTS - Administration Guide

Introduction System requirements Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Vaults Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Setting a password for your Enterprise Password Vault

Use the Enterprise Vault page of the SPP web client to set a password for your Enterprise Password Vault.

To set a password for your Enterprise Password Vault

  1. On the Enterprise Vault page, select an entry.

  2. Double-click the entry or click Edit Entry and navigate to the Secrets tab.

  3. On the Password tile available on this page, click Set.

    You can enter a password or automatically generate a password.

    NOTE: SPP does not send the generated password anywhere, only stores it. To use the generated password for an account that you added to the Enterprise Password Vault, for example, you must copy the password from here and then set it to the account.

    • If you enter the password, you can click Show or Hide to view the entry or not. You can also click Copy Password to copy the password to your clipboard.

    • To automatically generate a password, click Generate Password. The password is automatically generated. You can change password rules:

      1. Length: Use the slider or enter a value to reset the required length.

      2. Lowercase: Toggle the requirement to use lowercase letters in the password on or off. The password is regenerated per the setting.

      3. Uppercase: Toggle the requirement to use uppercase letters in the password on or off. The password is regenerated per the setting.

      4. Numbers: Toggle the requirement to use numbers in the password on or off. The password is regenerated per the setting.

      5. Symbols: Toggle the requirement to use symbols in the password on or off. The password is regenerated per the setting.

      6. Click Regenerate to generate a new password.

      7. Click Set Password to save the generated password.

  4. Back on the Password tile, you can click Show to view the password or Copy to copy the password to your clipboard.

  5. You can also click View Archive to view the password history.

    Thirty days of password history display as a default. You can set a date range for displaying password history by selecting From and To values using the calendar, or clicking Date Range to select set time periods for hours, days, months, or All History.

    In addition to viewing the Date Changed, you can Show or Hide the password or Copy Password.

Setting up a time-based one-time password (TOTP) authenticator

Use the Enterprise Vault page of the SPP web client to set up a TOTP authenticator for your Enterprise Password Vault.

To set up a TOTP authenticator

  1. On the Enterprise Vault page, select an entry.

  2. Double-click the entry or click Edit Entry and navigate to the Secrets tab.

  3. On the TOTP Authenticator tile available on this page, click Set.

  4. On the Set TOTP Authenticator pane, select one of the following options:

    NOTE: After you start the process for setting up a TOTP authenticator, you must connect the authenticator with the account in Safeguard for Privileged Passwords by entering the code(s) sent by the authenticator within a set time limit. One Identity recommends that you have your authenticator ready before beginning this process to avoid having to restart the setup process due to timing out.

    1. QR Code Image: Select this option to connect with the TOTP authenticator using a QR code image file. Click Browse Your Computer to select the QR code image file or drag the QR code image file into the dashed box.

    2. URI or Secret String: Select this option to connect with the TOTP authenticator using the URI string or secret generated by the authenticator. If only a secret is provided, then the process for generating the string will depend on the authenticator itself.

      Click Submit.

  5. A Setup Confirmation Code section will appear as soon as the authenticator setup begins and you must start entering the provided code(s) into your authenticator (you can click Copy to copy the code instead of typing the value). The amount of time you have left before the code becomes invalid and a new code is displayed to the right of the Copy button.

    The number of code(s) required depends on the requirements for the authenticator (for example, AWS requires 2 successive codes be entered, with each code being available for approximately 30 seconds. Only 5 codes will be displayed before the authenticator setup times out and you will need to restart the process.). If you cannot successfully complete the setup, click Remove Authenticator to restart the process.

  6. After you have successfully completed the TOTP authenticator setup, click Done.

  7. Back on the TOTP Authenticator tile, you can click Show to view the password and the amount of time you have left before the code becomes invalid or Copy to copy the password to your clipboard.

Importing password data from CSV file

To import password data from a CSV file or from another password manager application, follow these steps.

To import a CSV file from the Enterprise Password Vault account(s)

  1. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import CSV.

  2. (Optional) To download a template CSV file of the password data containing the fields of the Enterprise Password Vault accounts, click Download Template.

    NOTE: The default available fields in the template CSV file are Name, Account, URL, Notes, and Password.

  3. In the dialog, click Import and select your CSV file. Ensure the file has the required column header field names.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

To import a CSV file from KeePass

  1. In KeePass, export the password data to a CSV file. For more information, see Import / Export in the KeePass documentation.

  2. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import from KeePass.

  3. In the Import - Keepass Accounts side sheet, click Import and select the KeePass CSV file from the dialog.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

To import a CSV file from 1Password

  1. In 1Password, export the password data to a CSV file. For more information, see How to export your data from the 1Password desktop app in the 1Password documentation.

  2. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import from 1Password.

  3. In the Import - 1Password Accounts side sheet, click Importand select the 1Password CSV file from the dialog.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

To import a CSV file from Bitwarden

  1. In Bitwarden, export the password data to a CSV file. For more information, see Export Vault Data in the Bitwarden documentation.

  2. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import from Bitwarden.

  3. In the Import - Bitwarden Accounts side sheet, click Import and select the Bitwarden CSV file from the dialog.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

To import a CSV file from LastPass

  1. In LastPass, export the password data to a CSV file. For more information, see Export vault data from LastPass as a generic CSV file in the LastPass documentation.

  2. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import from LastPass.

  3. In the Import - LastPass Accounts side sheet, click Import and select the LastPass CSV file from the dialog.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

To import a CSV file from Chrome

  1. In Chrome, export the password data to a CSV file. For more information, see Export your data from Chrome in the Google Chrome Help documentation.

  2. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import from Chrome.

  3. In the Import - Chrome Accounts dialog, click Import and select the Chrome CSV file from the dialog.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

To import a CSV file from Firefox

  1. In Firefox, export the password data to a CSV file. For more information, see Export login data from Firefox in the Mozilla Support documentation.

  2. In the SPP web client, on the Enterprise Vault page toolbar, click Import, and select Import from Firefox.

  3. In the Import - Firefox Accounts dialog, click Import and select the Firefox CSV file from the dialog.

    After selecting a file, the import process will begin and a progress status bar will be displayed.

    • If the import is successful, the imported records will be displayed.

    • If the import is not successful because there were errors in the password data, you can click Download Errors to download a CSV file containing only the lines that failed and use it to correct the imported CSV file.

Exporting password data to CSV or JSON file

To export the password data of the selected Enterprise Password Vault entry to a CSV or JSON file, follow the steps.

Prerequisites

To give SPP users permission to export the Enterprise Password Vault data, you must use an account with the Global Admin or User Admin role.

To enable the permission, in the SPP web client, navigate to User Management > Settings > Enterprise Password Vault, and select Allow users to export passwords.

NOTE: This is a global setting that applies to all users. You cannot selectively apply this setting to individual users.

To export Enterprise Password Vault data to a CSV or JSON file

  1. In the SPP web client, on the Enterprise Vault page toolbar and click Export.

  2. In the Export - Enterprise Vault dialog, select one of the following export formats:

    • CSV

    • JSON

  3. (Optional) To select the fields you would like to export, click Fields and from the list, select the required fields, and click OK.

  4. (Optional) To specify in what order to sort the data, click Sort By, select the fields you want the exported report to be sorted by, and click OK.

  5. (Optional) To limit the results to be included in the exported file, select Limit Results, and in the Number of results to include field, enter a number.

  6. To export the Enterprise Password Vault accounts data to a CSV or JSON file, click Export.

    The exported CSV or JSON file will be downloaded to your computer.

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione