Welcome to Teampass Feature Requests place

Please consider:

  • using "New Feature" ONLY
  • performing a search before creating a new request
  • voting for the request you would like to see implemented

Thank you for your participation to this project.


Bug report MUST be performed in Github.

Any other topic is performed in Reddit


+10

Use Have I Been Pwned API to check for Pwned passwords

Michel Meyers 1 year ago updated 9 months ago 4

Use the HIBP Pwned Password API (with k-anonymity) to check whether passwords being added/edited have been breached before and display a warning if they have.

Documentation on the API is here:

https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange

+10
Under review

Improve usage of Roles matrix

Nils Laumaillé 3 years ago updated by Aubin 3 years ago 3

Rework the "manage roles" page and especially the matrix showing the rights by Role and Folder.

This should permit:

  • multiple changes in a few clicks
  • better handling of long folder names
+9

Expose custom fields via API

Mike Wilson 3 years ago updated 3 years ago 1

Would love to be able to see custom fields via the API.  That way I can store password hashes, and SSH keypairs along with their account objects.

+9
Planned

Support for U2F USB tokens as additional 2FA method

Michel Meyers 3 years ago updated by 5b895086 3 years ago 7

Please support FIDO U2F tokens as second factor for two-factor authentication, ideally as an additional option to TOTP/Google Authenticator so that users can chose to use the latter if the former isn't accessible. (e.g. on mobile, where USB-only U2F tokens can't be used)

A library you could use can be found here:

https://github.com/Yubico/php-u2flib-server

+9
Under review

Microsoft SQL

Martin.S 3 years ago updated by A W 3 years ago 5

Again, Im a Microsoft person, so knows Microsoft SQL a lot more than MySQL.

+8
Under review

Unprivileged API tokens

Mike Wilson 3 years ago updated by finalbeta 1 year ago 4

Create API keys that don't have access to passwords directly, but do have access to custom fields like password hash, public keys, etc.  This way Puppet/Ansible can query TeamPass directly to set passwords without any sort of intermediary step.

+7

roles liked to AD Group(s)

yguillemot 12 months ago 0

First, escuse me for my english, i'm french... :-)

I'm IT Manager and i want to use teampass in my organization for all users.

I have a problem: I would like to be able to link each role to one or more ldap groups, which would allow me not to have to manage the rights individually. Therefore, when authenticating the user, the ldap groups to which it belongs should be checked, and the assigned roles should be updated.

I think we should simply:
- if ldap authentication is enabled, add a field when changing roles on directories (manage_roles) that lists all ldap groups (multiple selection)
- In the database table, save the selected groups in the "roles_values" table
- Add a parameter that enables automatic role updates based on LDAP groups
- when authenticating a user, check if the user is a member of a ldap group linked to a role, if it is the case modify the roles assigned to it (on database / users table / function_id)
- also do the opposite: no longer assign roles if the user is no longer a member of the linked ldap group.

I looked at the source code, tried to copy some parts of the code to do that, but I do not know php ...

+7
Under review

Radius Two-Factor Authentication

jronzon 3 years ago updated by Nils Laumaillé 3 years ago 2

Bonjour,


Je voulais savoir si ce serais possible d'ajouter la double authentification avec Radius.

+6

automatically add user from ldap into a role !

e.lefoll 3 years ago updated by Steve Shipway 3 years ago 2

I will be fun to decide to automatically add users from ldap to a role.


I have create a folder "common"

2 roles "managers" et "users"


"manager" can edit "common"

"users"  can only read "common"


I have 100 ldap users


I will need to manualy add them in the "users" role after their first connexion...


not really pleasant !

+6

Allow password/username to be copied from the favorites page

Evert 3 years ago updated 3 years ago 0

Hello,


Thank you for the work you already put into this solution.

A feature that might increase productivity is to allow passwords and usernames to be copied from within the favorites page. When the most used passwords are there, there is no need to click the link which reloads the page with the whole tree.


Best regards