Password SafeShare

SECURITY  Administrator and Manager roles can control which passwords are shareable or non-shareable.
Administrator, Manager, Editor, and Creator roles can share passwords with the share setting enabled.

Password SafeShare, the password sharing feature in IT Glue, provides you with a secure and convenient method to share sensitive information with external recipients via a time-restricted link protected by two-factor authentication. This feature aims to enhance collaboration and streamline information sharing outside of IT Glue.

NOTE  Vaulted passwords inherently cannot be shared. To share a vaulted password, it must be removed from the vault.

NOTE  If IP Access Control restrictions are configured in the IT Glue account, recipients without access to allowed IP addresses cannot access shared password links.

Enabling or disabling password sharing

Users with the Administrator or Manager role can enable or disable password sharing for all passwords in the IT Glue account, for multiple passwords in an organization in bulk, or for individual passwords.

Enabling this setting automatically allows passwords to be shared outside of IT Glue by Administrators, Managers, Editors, and Creators.

Disabling this setting removes the option for passwords to be shared outside of IT Glue. The active shared password link automatically expires, and a password slated for deletion is immediately deleted.

Administrators and Managers can override the setting for individual passwords.

NOTE  All options for enabling or disabling password sharing are either grayed out or hidden for users who are not Administrators or Managers, but users with permission to share passwords have visibility of which passwords are eligible for sharing via the Shareable column in a list of passwords and on individual password detail pages.

Sharing a password link

Administrators, Managers, Editors, and Creators can complete the following steps to share the details of any password with the Password Sharing setting enabled:

  1. From the Passwords page for an organization, select a password.
  2. Click Share Password.

  3. Enter the email address(es) of up to 20 desired external recipient(s).
  4. NOTE  To verify their identity and access the password details, a recipient will require access to the email address you enter.

  5. From the Expires after drop-down menu, select how long the shared password link will remain active before expiring.
  6. Select the Can be accessed once per recipient check box for each recipient to be able to access the password details only one time.
  7. Select the Delete password after link expires check box for the password to be automatically deleted after the amount of time selected in the Expires after drop-down menu.
  8. Click Generate Link.
  9. Click the Copy to clipboard icon to copy the password link.
  10. Paste the link in any medium you prefer and send the link to the intended recipients.

The link remains available for copying on the password detail page or in the Activity Logs until it expires. If the Delete password after link expires check box was selected, a warning banner on the password detail page indicates the impending expiration date and time.

Accessing a shared password as a recipient

For recipients to access the password details, they'll complete the following steps:

  1. Copy the shared link from wherever it was sent by the IT Glue user.
  2. Click the shared link or paste it into a web browser to open the authentication page to access the password.
  3. Enter their email address that was entered by the IT Glue user in the Share Password dialog box to receive a one-time verification code in their email inbox.
  4. Enter the verification code received via email in the Code field.
  5. NOTE  If the email address the recipient enters does not match an address entered by the IT Glue user, they will see the Verification Code page, but no verification code is sent.

  6. If successfully authenticated, the recipient will see the following details:
    • The password name.
    • The password expiration date and time.
    • The username of the IT Glue user this password belongs to, which they can copy.
    • The masked password, which they can copy.
    • If applicable, the one-time password, which they can reveal and/or copy.
    • If applicable, the associated URL.
    • If applicable, the notes populated for the password.


Manually expire a password link

On the password detail page, click Expire now and Expire Link in the confirmation dialog box to immediately delete the link and disable access for all recipients.