Welcome to Teampass Feature Requests place
- using "New Feature" ONLY
- performing a search before creating a new request
- voting for the request you would like to see implemented
Thank you for your participation to this project.
Bug report MUST be performed in Github.
Any other topic is performed in Reddit
The ability to restrict being able to view the password in an item, but not the rest of the information of that item would be a welcome addition.
In my use case, lower level technicians need to know information about a server, e.g. IP address, hostname, services, etc; but do not require to know the password itself to that server. I would like to be able to give them access to the auxiliary information without giving them the password.
It would be very helpful to have a Heira module to read secrets (including file attachments) from the TeamPass API. This would allow us to manage passwords, secrets and certificates from puppet with them stored inside TeamPass, retrieving via the existing heira method.
As an example of how to do this with the Hashicorp Vault API, you can see here: https://github.com/jsok/hiera-vault . It would probably be similar with TeamPass.
I suspect this may be something better produced and managed by the community, and that if provided you'd then have to provide something for Chef, Ansible, etc, but it's a very useful thing to provide
first, TeamPass is a very cool, feature reach and sophisticated tool!
It would be nice to have an additional meta user in the email notification feature, where one can send the email to all affected users. E.g. a special meta role such "all" or "affected". If one change a password and choose to send the email to "all", than all users who can at least view this password get informed.
Thanks a lot!
When verifying a 2FA code, the discrepancy (time leeway for auth codes) is hardwired to +-1 (this is when calling verifyCode() from identify.php). It would be helpful to be able to configure this from within TeamPass, since this gives very little leeway for devices with clock errors and slow typers. Many places will use 2 or even 3 for this setting depending on their users.
Please can we add a configuration item to the 2FA settings to allow this to be changed from the default of 1.
The current system allows you to view the previous unencrypted values of passwords in both the history, and on the edit page. This is potentially insecure as it can allow people to view a pattern or common passwords that are reused (yes, both of these are a problem in themselves, but lets minimise the risk).
I would like to be able to have a configuration switch to disable the display of unencrypted previous passwords on the edit page, and in the logs.
After using TeamPass for a bit, i was looking to make the environment Highly Available.
One way of doing this with MySQL/MariaDB/Percona is using the Galera Clustering. The problem is that the data structure for TeamPass is not supported on Galera/XtraDB environments since every table must have a unique id/primary key to ensure replication.
Looking at the table structure, it looks like some of the tables may be as simple as changing the id column to be a primary key but others look like they are used without a true id column. I'm not 100% sure that will allow support with Galera (there might be more - still researching).
What i do know is that I cannot install on a Galera DB and if I install on a non-Galera DB export to a Galera Cluster, the application doesn't show folders or users properly under the admin console.
When creating/editing a user there should be an option to have local or remote authentication. This could be accomplished with a check box for "local account".
See the closed github bug ref # 1896 for further information on this feature request.
Customer support service by UserEcho