Welcome to Teampass Feature Requests place
- using "New Feature" ONLY
- performing a search before creating a new request
- voting for the request you would like to see implemented
Thank you for your participation to this project.
Bug report MUST be performed in Github.
Any other topic is performed in Reddit
The API does not appear to allow attached files to be uploaded or downloaded; nor can you access or update custom fields. This is a big problem when it comes to storing things like Certificate files when you want to have them automatically downloaded and installed by configuration management software.
I think it would be good
to add the functionality that passwords that were registered in
teampass, could be assigned to only be shown 50% of the password to a
specific role, the other 50% to another role and the total (100%) to another role.
Master role: qazwsxedc123
Role 1: qazwsx ******
Rol2: ****** edc123
This would allow double custody for the password where users can not access 100% of the password to access with the user.
The ability to restrict being able to view the password in an item, but not the rest of the information of that item would be a welcome addition.
In my use case, lower level technicians need to know information about a server, e.g. IP address, hostname, services, etc; but do not require to know the password itself to that server. I would like to be able to give them access to the auxiliary information without giving them the password.
It would be very helpful to have a Heira module to read secrets (including file attachments) from the TeamPass API. This would allow us to manage passwords, secrets and certificates from puppet with them stored inside TeamPass, retrieving via the existing heira method.
As an example of how to do this with the Hashicorp Vault API, you can see here: https://github.com/jsok/hiera-vault . It would probably be similar with TeamPass.
I suspect this may be something better produced and managed by the community, and that if provided you'd then have to provide something for Chef, Ansible, etc, but it's a very useful thing to provide
first, TeamPass is a very cool, feature reach and sophisticated tool!
It would be nice to have an additional meta user in the email notification feature, where one can send the email to all affected users. E.g. a special meta role such "all" or "affected". If one change a password and choose to send the email to "all", than all users who can at least view this password get informed.
Thanks a lot!
When verifying a 2FA code, the discrepancy (time leeway for auth codes) is hardwired to +-1 (this is when calling verifyCode() from identify.php). It would be helpful to be able to configure this from within TeamPass, since this gives very little leeway for devices with clock errors and slow typers. Many places will use 2 or even 3 for this setting depending on their users.
Please can we add a configuration item to the 2FA settings to allow this to be changed from the default of 1.
The current system allows you to view the previous unencrypted values of passwords in both the history, and on the edit page. This is potentially insecure as it can allow people to view a pattern or common passwords that are reused (yes, both of these are a problem in themselves, but lets minimise the risk).
I would like to be able to have a configuration switch to disable the display of unencrypted previous passwords on the edit page, and in the logs.
Customer support service by UserEcho