30 comments

Add a comment…

Sign in

prestine

Your email address

Check!

invalid email

(thinking…)

Reset

or sign in with

• 
• 

UserVoice password

Forgot password?

Create a password

Your name

I agree to the terms of service

Signed in as (Sign out)

Close

Close

Post comment Submitting...

• AdminFrancesco (Admin, Passpack) commented  ·  May 16, 2013 10:09 a.m.  ·  Delete

  The problem is that Passpack doesn't encrypte the data server side but client side. This is why it's so difficult to create an API that doesn't break the security of the system. For example, as you can imagine, a protocol like OAuth is not enough in our case and we are trying to think a stronger way to handle authentications.

• Anonymous commented  ·  May 15, 2013 8:48 p.m.  ·  Delete

  We use servers with One Time Passwords. We generate 100 passwords at a time and import them into our current password repository.

  How silly is it for us to upload the entire list via a CSV file to passpack's servers which will then encrypt them? The passwords we have are highly sensitive.

  An API where we can see the client source to confirm that the passwords are not uploaded to the server in plain text.

• Malachi de AElfweald commented  ·  April 5, 2013 11:46 p.m.  ·  Delete

  The browser on Android is extremely bloated and heavy. I'd like to make a native Android app.

• John commented  ·  March 27, 2013 9:40 a.m.  ·  Delete

  We would need an api to automatically insert ftp or ssh accounts from our hoster (that has an api) in passpack. So we can share easier with our employes.

• Anonymous commented  ·  February 9, 2013 7:06 p.m.  ·  Delete

  I run a business which helps customers build IT applications - and need to maintain passwords to dev servers etc of multiple projects and for multiple user types. Use case is:
  * Customer launches a project and we provision project management, source code repository, dev AWS server, test AWS server, application frameworks, etc.
  * There are a number of passwords needed but for different roles. For example the SSH credentials to servers is for customer and system admin only. Others such as repository access and zend/ phpmySQL admin for developers, etc.
  * I want to create a Passpack account for each user that the customer assigns to a project and make accessible the project specific passwords that are appropriate for the role (project owner, system admin, lead developer, etc).
  * A passpack API would make this a more reliable process than relying on manual configuration.

• Sam commented  ·  January 14, 2013 4:46 a.m.  ·  Delete

  Passpack, you should build a highly optimised iOS app, along the lines of 1Password. Their app is great, because you can easily access all your passwords without an internet connection, however they're missing your sharing features, and some of their UI doesn't make sense unless you're in the US. If you don't build it, I will! You're losing market share to an inferior product because you don't have an iOS app, please, built it yourselves before we get a ton of crappy apps that will besmirch your name!

• Brett commented  ·  December 6, 2012 3:55 a.m.  ·  Delete

  I stumbled on this page while looking to see if there was a way to automate password creation.

  I've been evaluating the way we set up each new site, and would like to be able to automate all of the repetitive parts out of it. But passpack is one of the things we just have to do manually, even if we didn't have all passpack functionality exposed, it would be great to have a web service that allowed us to create a new item, and receive a generated password back.

  It would be a huge time saver.

• Halldór Hrafn commented  ·  November 16, 2012 3:54 a.m.  ·  Delete

  Providing a platform independant (REST-like?) API would be fantastic. For me I mainly use Passpack as a secure catalogue of passwords/credentials. Basic, but Passpack-grade-secure, CRUD API would take this service over the top! :D

• Ryan - commented  ·  August 13, 2012 12:29 p.m.  ·  Delete

  An API that will let a website know that you are logged into Passpack, and let them make a generic "Log in with Passpack" button.

• Matt commented  ·  July 13, 2012 12:35 a.m.  ·  Delete

  +1

• David JM Emmett commented  ·  July 12, 2012 9:08 a.m.  ·  Delete

  An API would be great, we could then integrate it with SSH in a similar way as the GnomeKeyring does!

• Matt Dolan commented  ·  June 26, 2012 2:20 a.m.  ·  Delete

  We have a script to do various tasks involved in creating a new project, but at the moment it has to tell the user to 'store this password in Passpack'. Would love to be able to automatically store and share the password with the appropriate Passpack users.

• Anonymous commented  ·  May 21, 2012 3:37 a.m.  ·  Delete

  Please API development!!!

• Anonymous commented  ·  March 15, 2012 11:20 a.m.  ·  Delete

  I am not a programmer like a lot of Linux users nowadays. I do know my way around the shell and find this an extremely powerfull tool that provides you with integration with all installed applications and data since the system allready supports those.

  I would be very happy with a way of making system calls and managing stdin and stdout. Since the BASH shell is Posix compliant it also runs like a charm on Windows and might even act as an extra security layer since attackers will not expect you to have a bash shell ;)

  The easiest way of providing this feature I can think of is to create some files filled with BASH functions that can be included in shell scripts.

  If something like this could be part of the API I would be more than happy and so would a lot of others with me.

• Vicente commented  ·  February 22, 2012 8:20 a.m.  ·  Delete

  +1

• Anonymous commented  ·  January 27, 2012 7:34 a.m.  ·  Delete

  +1
  As useful applications there would be
  * integration with email clients (like thunderbird), to stop storing passwords locally
  * automated passwords backup tools
  * small lightweight tools to "copy without showing" passwords for non-web applications (like PGP passphrases, ZIP encryption keys...)

• Ovais Reza commented  ·  January 12, 2012 1:26 a.m.  ·  Delete

  Vote +1; Many organization needs to automate passwords, such as SSH, or other non browser app, having API will solve that.

• PP rocks! commented  ·  October 19, 2011 7:36 a.m.  ·  Delete

  A RESTful API that provides readonly access to the passwords could be a good starting point.

• techypaul commented  ·  July 30, 2011 2:25 a.m.  ·  Delete

  I want to use this with drupal. We store users details and computers on our site for support (externally hosted, not internal). Despite being security minded, we do not feel comfortable hosting our clients server passwords etc in our database.

  I would like to visit an asset page and click on a button which would then send the asset number/token to your site and bring the password back for display. Obviously a way to send a password to you too. We use yubikey to login to our site so could use the same key for authentication.

  This could either be via an API or maybe a better option for you would be to simply provide a hosted way of doing this with a form on our site which can be prefilled with our asset key.

• Ariel commented  ·  May 30, 2011 6:29 p.m.  ·  Delete

  Please, please do that!
  I really wanna a better interface integrated with osx keychain and iphone! PLEASE!