Setting Up Password Access Control
Many of your business-critical activities can be carried out with your shared passwords. These passwords can be used by multiple employees on a regular basis, without restriction. We highly recommended that you maintain an additional layer of security for such critical accounts. You can ensure these passwords are accessed only for valid reasons with Zoho Vault by enforcing access control. For example, you could share the admin password of your server with multiple administrators in your company. When you enable access control, users would require your approval to access these passwords. Users will have to raise access requests with valid reasons to access passwords enforced with access control. You can validate the user's reason for access, and approve their requests accordingly.
Enforcing access control
- Select the password, then click More.
- Click Enforce access control.
- Select one or more administrators who can grant access to this password in your absence.
- Exclude selective users, if necessary, from this workflow.
Requesting access
To access a password protected with access control:- Click the password, then select Request immediate access for immediate access, or Request approval in advance, then enter a specific time to access the passwords in the future
- Enter a valid reason, then click Request
- If the password owner approves your request, select the password, then click Check-in to access it for a time-limited period
- Select Check out to return access to the password after completing your tasks.
Note: Users will be unable to access passwords if the password owner rejects the access, or the validity of the request expires. The password owner can also revoke the user's access at any time.
Additional Settings
You can further tighten the security for these passwords by setting additional access constraints. You can:
- Mandate that at least two administrators approve password access
- Define when the unapproved access requests become invalid
- Set in minutes how long the users can access these passwords
- Configure automatic access approvals by selecting one of the following options, then click Save and enable:
- On all weekdays
- On all weekends
- At a specific time 00-23 hours and 00-58 minutes
- When a valid ticket from help desk is referenced
Note: You can revoke this configuration at any time.Managing access requests
- Select Password access requests under the Password management tab from Settings.
- Access all requests pending your approval from Approval requests. Approve or Reject the requests accordingly.
- Track the status of all your access requests from My Requests.
Related Articles
User Access Control
User Access Control(UAC) is a windows security feature that allows a non-administrator to perform administrative tasks by entering the administrator credentials in the UAC elevation prompt. In case of remote support, you cannot run applications, ...Password policy
Passwords are the first line of defense for most accounts, and it's essential to secure them with strong, unique passwords. We recommend that you define a strong password policy for your organization and enforce all users to follow the password ...What does access control option do?
Access is the master control option which controls direct module or cross-module access to data within the organization. By default, this setting will be enabled if a user chooses create, modify, or delete.Changing Your Master Password
There are two scenarios when you might change your Zoho Vault master password and it's important to remember the below points before doing so. The situations are when you: Remember your master password but would like to reset it Forget your master ...Generate an App-specific Password
What is TFA (Two factor Authentication)? TFA adds a layer of security for your email account as your email and password is not enough for you to login. An unique code will be sent to the registered mobile number and you will be granted access upon ...