Contents x
    Vault
    • 2 minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Vault

    • 2 minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    The application enables the cache of credentials, viewing, and copying of credentials. These actions are equivalent to using a proxy, preview, or copy through the web interface. All these actions will be audited and forwarded via SIEM.

    When opening the application, it displays the following image:

    Vault initial screen

     

    • In the top left corner is the search bar.
    • In the top right corner is the Refresh button.
    • Below the Search bar, you have the titles:
      • User: the default credential for privilege elevation actions inside and outside the Vault.
      • Domain: the name of the domain of the device.
      • Device: the device associated with the credential.
    If the default credential has no domain registered, the machine name will be displayed instead.

    Use a credential

    Vault users are always linked to their accounts used to log into Windows.

    Caution
    The workstation username must have an equivalent user in the senhasegura platform. If you are not sure about the username, read the article Requirements.
    1. Access the user's desktop.
    2. Start Vault.
    3. Select the credential you want to use from the list of credentials.
    4. Right-click on the automation.
    5. Click Copy or Show to access the password.


    Caution

    When a local user is created on the workstation with senhasegura Go and has the same name as an existing user in PAM , the Go user will have access to the credentials of the PAM user when opening the Vault module of senhasegura Go .

    Example: If there is a user named admin on my workstation and, coincidentally, there is an admin user in PAM , when attempting to open the Vault module of Go , all the credentials that the admin in PAM possesses will be displayed to the local user.



    Use a credential in case of unavailability

    In cases of unavailability of the senhasegura platform. The Vault stores the user and password credentials locally. It is encrypted and keeps the information from the last update. So the user can view and copy the credentials and password.

    1. Access the senhasegura platform.
    2. Go to GO Endpoint Manager➔Settings➔Parameters➔go Windows.
    3. In modules, activate the option “Enable credentials?”.
    4. Click on Save.
    5. Access the user's workstation, and follow the steps to use a credential

    Caution
    This feature does not work in conjunction with offline mode.



    Configure Token requests to view or copy credential

    1. Access the senhasegura platform.
    2. Configure MFA OTP token.
    3. Go to GO Endpoint Manager➔Settings➔Parameters➔Security.
    4. Check the option Force Multi-Factor Authentication to view password?* or Force Multi-Factor Authentication to login?* to Yes.
    5. The user will be prompted to fill in a token to copy or view the credential.

    Configure verification of local privileged credentials

    1. Access the senhasegura platform.
    2. Access the menu GO Endpoint Manager➞Settings➞Parameters➞go Windows.
    3. Go to the Report section.
    4. Check the option Enable local privileged credentials checking?.
    5. Set days and times for execution.
    6. Click Save.
    Was this article helpful?
    What's Next
    Digital sovereignty is a fundamental right for citizens, institutions, and society. That’s why we work every day.
    Connect With Us
    SENHASEGURA
    LEARN
    EXPLORE
    Copyright © senhasegura. All Rights Reserved