Quest One Privileged Password Manager - Features

Release Controls – Manages password requests from authorized users, programs and scripts—via a secure web browser connection—for the accounts they are entitled to access. The request for one or more passwords can be automatically approved or require any level of manual approvals.

Change Control – Supports configurable, granular change control of shared credentials, including time-based, last-use-based and manual or forced change.

Enterprise-ready – Integrates with existing directories, ticketing systems and user authentication sources, including Active Directory, LDAP and fully supports two-factor authentication through Quest Defender or other third-party, two-factor authentication products. A robust CLI/API supports end-to-end integration with existing workflows and tools, including reviewer notification and escalation workflows.

Scalable Appliance – Provides secure, hardened, enterprise-ready access and management of shared credentials for more than 250,000 accounts at once.

Secure Password Storage – Encrypts all stored passwords stored using AES-256 encryption. In addition, the appliance also uses Guardian Edge AES-256 full-disk encryption.

Application Password Support – Includes the capability to replace hard-coded application and database passwords in scripts, procedures and other programs.

Robust Target Support – Manages shared credentials on the widest range of target servers, network devices and applications.

Handheld Device Support – Includes full support for password request, approval and retrieval via handheld devices, configurable on a per-user basis.