Security Settings
- PassMan Permission Settings
- Extra Security Checks
- Check Login Time
- Supplier Login
- Regenerate Auth Secret
- Forgotten Password
- Incoming IP filtering
Extra Security Checks
In order to make password access more secure, it is possible to limit access to the data stored in PassMan for the user who has logged in.
Checkout of secrets will only be possible if the user re-verifies the login password for PassMan.
Before users can be managed, the PassMan password should be provided again as confirmation. After that, the function can be used as usual.
If enabled, you need to verify yourself with your login password before setting up any access for entities.
(Access level can be set for folder/subfolder, device, and user accounts).
After logging in, the user receives a token that allows operations to be performed on the system until the token expires.
You can choose to continue using the previously generated token or, with the stricter security setting, to use only the token generated after re-login to perform new actions.
Enable the use of "Self signed" certificates
Check logon time
In order to improve security, it is possible to compare the browser-side login time with the PassMan server time, so that a login sequence captured from network traffic cannot be used to log in illegally later.
If this option is enabled, the login is not allowed when the client-side and server-side times do not match.
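A minimal sketch of such a login-time check, added here as an example and not PassMan's own code. The 30-second tolerance, the HMAC proof over the timestamp and all function names are assumptions, since the page does not describe the mechanism; the third case shows why the timestamp has to be authenticated.

```python
import hashlib
import hmac
import time
from typing import Optional, Tuple

MAX_SKEW_SECONDS = 30  # assumed tolerance; the page does not state one


def sign_login(key: bytes, username: str, client_time: int) -> str:
    """Client side (hypothetical): MAC the username with the client's clock reading."""
    msg = f"{username}|{client_time}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def check_login(key: bytes, username: str, client_time: int, proof: str,
                server_time: Optional[int] = None) -> Tuple[bool, str]:
    """Server side (hypothetical): refuse on clock mismatch, then on a bad proof."""
    now = int(time.time()) if server_time is None else server_time
    if abs(now - client_time) > MAX_SKEW_SECONDS:
        return False, "time mismatch"
    expected = sign_login(key, username, client_time)
    # Constant-time comparison so the check does not leak MAC bytes.
    if not hmac.compare_digest(expected, proof):
        return False, "bad proof"
    return True, "ok"


def demo():
    key = b"constructed-demo-key"   # constructed sample secret
    t0 = 1_700_000_000              # constructed client clock reading
    proof = sign_login(key, "alice", t0)
    later = t0 + 3600
    return [
        # Fresh login: clocks agree within the tolerance.
        check_login(key, "alice", t0, proof, server_time=t0 + 2),
        # Same captured message presented an hour later.
        check_login(key, "alice", t0, proof, server_time=later),
        # Captured message with the timestamp rewritten to the current time.
        check_login(key, "alice", later, proof, server_time=later),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A captured login presented again inside the tolerance window still passes this check; rejecting that as well requires a single-use value such as a server-issued nonce.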
Remote access
In the event of a failure, external access by the manufacturer may be required.
Remote access for the technical user can be allowed or denied, and the SSH port number can be set, in this menu.
Default settings:
Remote access disabled
SSH port number: 22
Auth Secret regeneration
Re-create both PassMan and Padmin Auth Secret keys.
Forgotten password management
In order to protect against possible mail DDoS attacks, it is possible to set the number of forgotten password requests per minute that PassMan serves.
Default setting: 10 per minute