Web-based, multi-user, secure password safe/manager with delegated access controls
Open-source, web-based secure password safe for the enterprise that supports multiple users with delegated access controls. Simple to use, manage passwords and other sensitive secrets centrally in a secure database with industry standard pluggable strong encryption. Multiple users and groups can be added using pluggable authentication/authorization and role-based access controls. Fine-grained access controls can be defined on passwords to share with other authorized users in view only, view and update, or delegated granting modes. Reusable permission templates can be defined. Ability to organize passwords using friendly tags. Configurable strong password generation tool. Full audit trail of all password access events, many useful and configurable reports, as well as pluggable modules for external logging all audit events. History of old passwords can be kept. Exports can be done for disaster recovery purposes. Password retrieval also exposed via Web Services for automated processes.
2015/05/22 Moved project from Google Code to Github, start your pull requests!
2013/07/07 Release v1.3 now available! Download the latest version on the left.
2012/05/31 Patch release v1.2.1 for Java web containers (Glassfish/Jetty) having issues with CSRF protection.
###New to WebPasswordSafe?
Download releases and install guide from http://download.webpasswordsafe.net
Take a visual walk-through and comparison with other products by reading the blog http://webpasswordsafe.blogspot.com/
Submit questions/feedback to the discussion group http://groups.google.com/group/webpasswordsafe
Submit bugs/feature requests here https://github.com/joshdrummond/webpasswordsafe/issues
Code license: GNU GPL v2
Labels: gwt, security, password, safe, encryption, java, web, tomcat, gxt, multiuser, hibernate, j2ee, webservice, ajax, esapi