twohawks

My feedback

  1. 158 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      twohawks commented  · 

      Yeah, the ability to choose/assign a shared entity within a passcode entry as an administrator would solve a ton of issues (be very liberating).
      ***I think its the single most significant upgrade Francesco's team could do that would propel PP competitive placement among passcode keepers marketed at this level.

      Further, being able to assign a 'group member' as an admin would be even more liberating (but *not* as critical for initial implementation, as sometimes the group thing doesn't apply).

      For now, we have to... 1) require anyone creating new passcodes to transfer ownership to central (the root company owner), then 2) the chief trusted entity at central must check the shares.

      The drawback is that the chief has root access to everything, and so 'everything' cannot reasonably be kept in a central code-repo - some things gotta go elsewhere, which creates more work.

      BTW, shares are transferred if the target owner already has that share in their people list.

      One other comment... for inhouse users I may also deploy KeePass on workstations to make it easier for users to log into their PassPack accounts (since we use 26+ digit passwords and keys). I can maintain their Keepass dbs centrally, making that easy to manage, and individually assigned dbs makes keeping them private (even on shared workstations) simple to do.

      I can use a centrally managed Keepass db with some client-companies, but many of my clients have a blend of remote win/mac/linux clients, making Keepass impractical (not impossible, but it gets chaotic with non-it folk).

      And at the point you run into those few non-windows associates you want to share codes with you realize you would have been better off starting with something more natively cross-platform accessible to begin with.

      It would be nice to hear from the host about this.

      twohawks commented  · 

      For business:
      YES - Allow members of a Shared Group to see what group they belong to.

      NO or ToggleSetting - to see what passwords belong to that group. Not necessary, so why do it? What if privilege for me (as an individual) to see "Y" in xyz passcodes for my group is revoked? Some cases perhaps it serves to still let me see the entry in the group code "listing" (but not the contents), but then again other case perhaps not.

      NO - absolutely no sharing amongst themselves - would only lead to chaos: No One but an authorized administrator should be responsible for assigning use of company codes - even if its within a group. The company would lose integrity of authority to manage operations and security.

      How often do you see companies allowing employees to share keys to the office? No, typical protocol is each person is assigned keys only from a central office/administrator that is held accountable for managing all the keys (its a simple auditable protocol), and they are strictly controlled.

      Therfore NO to : Designate a group administrator to handle sharing privileges for the group (since they would be doing it in the first place).

      Order is typically stewarded by a "chain" of command. I think this is what the concept of Central Repository serves... the ability to manage shared privileges without compromising integrity of operations or security.
      Free Sharing of priviledges would only serve to introduce weakness (even chaos) in the order of operations and security protocols.

      Perhaps this would be viable in a system not reliant upon a hierarchal authority structure? Perhaps not? But certainly not in your typical business.

    • 354 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        twohawks supported this idea  · 
        twohawks commented  · 

        Need this for sure. But it will only have true/full benefit for business when you also provide for a business owner to assign an administrator for groups (and or each group account), and pushing out tags.

        Here's what it looks like right now (what to expect) in the real world...
        - I setup ceo account and her share name, under my control
        - then setup my account and my sharing handle
        - setup shares from ceo account to mine
        - test everything (get it organized for the potential groups)
        THEN
        - setup each user account by creating each new login
        - setup collaboration for sharing in @ accounts
        - create instructions for users to login, reset passwords and packing keys, and for accepting invitations from ceo later
        -
        - re-tag all entries in my account since they are not propogated and cannot be imported (what a pain),
        - instruct everyone else to do the same (forget that - no way its gonna happen)
        **THEN**
        - transfer ceo account ownership to ceo by having her login and change passowrd and packing key
        - I can create new entries and transfer their ownership to ceo, however,
        - I cannot manage shares of existing or new entries to teams for the company, so I am actually powerless to "administer" anything without access the ceo's account directly, which means she has to constantly hand=hold the process, and constnatly change her codes after I am done working within her account.

        This is already reflecting poorly on my IT decisions for this small company.

        ================
        Whats really needed to make this viable for business:
        - admins for groups, i.e., be able to give admin permissions to someone in a group
        - fully setup staff accounts within owner account and group-admin-share user account
        - allow tags to be shared from the owner account
        - and/or allow tags to be imported onto entries that are shared with you

        ***I really appreciate the integrity of this company... real people providing real help and support with a very creative and progressive product. When you sort out the business management viablity I will be able to realisticly start using this for more of my client companies.

        Thanks for the facility for providing feedback and suggestions.

      • 499 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          twohawks supported this idea  · 
          twohawks commented  · 

          very common, very useful

        • 202 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            twohawks supported this idea  · 
            twohawks commented  · 

            very common, very useful

          • 361 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)

              Logs & Audits will be included in a future release of Passpack. No ETA, please continue to vote so we can give this priority in our scheduling.

              twohawks commented  · 

              Yes. In any business, for managing security and activity issues, a major concern is being able to audit. When problems arise we need to able to see who was accessing and changing what, when, and with whomelse,
              More progressive/enterprising products are offering this feature. It certainly is one of the main things I was hoping to enjoy, and offer my clients, in this type of product.

              twohawks supported this idea  · 
            • 539 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                twohawks supported this idea  · 

              Feedback and Knowledge Base