This is similar to https://www.meldium.com/, a team password manager that helps with user permission management. It's a problem I've been waiting for someone to successfully solve. Good luck!
P.S. Showed this to another YC startup and they want to try it.
Nicely done guys for spotting the schelp blindness. I have been at many large enterprises where due to the pain of manging passwords everyone uses the exact same pass.
We'd love to have you as a customer! We don't store any plaintext secrets. Passwords are bcrypted and public keys can safely be public. If I misunderstood your question or if you want a more in-depth answer, please drop me a line: aren@.
At JumpCloud, we do guarantee encryption-at-rest for key storage, we use PBKDF2 for hashing. Can I ask what you're looking for that JumpCloud doesn't offer? Google Apps and LDAP/RADIUS are right up our alley!
I worked at OneLogin and always lamented that we didn't care about managing engineering-level access at all, esp since that was actually my job at OneLogin. Definitely impressed with some of what I see.
12 comments
[ 3.5 ms ] story [ 27.7 ms ] threadWould love your feedback and of course I'm happy to answer any questions!
With any luck I'll be paying Foxpass to solve this one for me in the near future.
P.S. Showed this to another YC startup and they want to try it.
Would love to switch to you guys, since integrating with Google Apps as an LDAP/RADIUS server is our one-and-only use case.
Question: Do you guys guarantee encryption-at-rest for key storage? What about 3rd party master encryption keys?