PasswordManager Pro (PMP) deals with administrative passwords, most of which have unlimited privileges. Any compromise on security will expose the organizations to serious risks. Keeping this in mind, PMP has been designed to offer maximum security right from application installation to user authentication, data transmission, storage and the entire workflow.
Apart from the existing security measures detailed below, we continuously strive to make the application more secure. This document briefly describes the security specifications of the product.
PMP protects the data at various levels, classified into the following seven categories:
PMP uses AES-256 encryption (the strongest known encryption, approved by the US Government) to secure the passwords and other sensitive information in the password database. The key used for encryption is auto-generated and is unique for every installation. By default, this encryption key is stored in a file named pmp_key.key under the <PMP_HOME>/conf folder. For production instances, PMP does not allow the encryption key to be stored within its installation folder. This is done to ensure that the encryption key and the encrypted data, in both the live and the backed-up database, do not reside together.
We strongly recommend that you move and store this encryption key outside of the machine in which PMP is installed - in another machine or an external drive. You can supply the full path of the folder where you want to move the pmp_key.key file, manually move the file to that location, and delete any reference within the PMP server installation folder. The path can be a mapped network drive or an external USB (hard drive / thumb drive) device.
PMP will store the location of the pmp_key.key file in a configuration file named manage_key.conf under the <PMP_HOME>/conf folder. You can also edit that file directly to change the key file location. After configuring the folder location, move the pmp_key.key file to that location and ensure that neither the file nor the key value is stored anywhere within the PMP installation folder.
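One way to check the separation described above, as an added example that is not ManageEngine's code. It assumes the first non-blank line of manage_key.conf holds the key file path or its folder; the function names are hypothetical.

```python
import sys
from pathlib import Path

KEY_NAME = "pmp_key.key"  # key file name given on the page


def configured_key_path(pmp_home):
    """Key location recorded in <PMP_HOME>/conf/manage_key.conf.

    Assumption: the first non-blank line is the key file path or its folder.
    """
    conf = Path(pmp_home) / "conf" / "manage_key.conf"
    lines = [ln.strip() for ln in conf.read_text().splitlines() if ln.strip()]
    if not lines:
        return None
    path = Path(lines[0])
    return path if path.name == KEY_NAME else path / KEY_NAME


def audit_key_separation(pmp_home, max_scan_bytes=5_000_000):
    """Return findings; an empty list means key and data are kept apart."""
    home = Path(pmp_home).resolve()
    key_path = configured_key_path(home)
    if key_path is None:
        return ["manage_key.conf does not name a key location"]
    key_path = key_path.resolve()
    findings = []
    if home in key_path.parents:
        findings.append(f"configured key location is inside PMP_HOME: {key_path}")
    key_value = key_path.read_bytes().strip() if key_path.is_file() else b""
    if not key_value:
        findings.append(f"key file missing or empty at {key_path}")
    for f in home.rglob("*"):
        if not f.is_file():
            continue
        if f.name == KEY_NAME:  # leftover copy of the key file
            findings.append(f"key file copy inside PMP_HOME: {f}")
        elif key_value and f.stat().st_size <= max_scan_bytes:
            if key_value in f.read_bytes():  # key value pasted into another file
                findings.append(f"key value found inside PMP_HOME: {f}")
    return findings


if __name__ == "__main__":
    for finding in audit_key_separation(sys.argv[1]):
        print("FINDING:", finding)
```

Run it with the installation folder as the only argument; the same check applies to a restored backup copy of the folder.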
PMP allows the users to choose one of the following two types of authentication:
All sensitive data stored in PMP - passwords, files, digital keys, account names, IP addresses etc. - is encrypted using AES-256 encryption.
Provision to prevent the execution of malicious code/script in the application to combat cross-site scripting
PMP can be set up to run in FIPS 140-2 compliant mode (with SQL server back-end) where all encryption in PMP is done through FIPS 140-2 certified systems and libraries.
PMP ensures security all along the application workflow. The following are a few examples:
The database backup generated by PMP follows all the above security aspects, which in turn makes disaster recovery secure. The backup copy will not have the Encryption Master Key since PMP does not allow the encryption key and the encrypted data, in both the live and the backed-up database, to reside together. Unless one presents the encryption key, sensitive data cannot be deciphered from the backup copy.