Password SafeShare

SECURITY  Administrator and Manager roles can control which passwords are shareable or non-shareable.
Administrator, Manager, Editor, and Creator roles can share passwords with the share setting enabled.

Password SafeShare, the password sharing feature in IT Glue, provides you with a secure and convenient method to share sensitive information with external recipients via a time-restricted link protected by two-factor authentication. This feature aims to enhance collaboration and streamline information sharing outside of IT Glue.

NOTE  Vaulted passwords inherently cannot be shared. To share a vaulted password, it must be removed from the vault.

NOTE  If IP Access Control restrictions are configured in the IT Glue account, recipients without access to allowed IP addresses cannot access shared password links.

Enabling or disabling password sharing

Users with the Administrator or Manager role can enable or disable password sharing for all passwords in the IT Glue account, for multiple passwords in an organization in bulk, or for individual passwords.

Enabling this setting automatically allows passwords to be shared outside of IT Glue by Administrators, Managers, Editors, and Creators.

Disabling this setting removes the option for passwords to be shared outside of IT Glue. The active shared password link automatically expires, and a password slated for deletion is immediately deleted.

Administrators and Managers can override the setting for individual passwords.

NOTE  All options for enabling or disabling password sharing are either grayed out or hidden for users who are not Administrators or Managers, but users with permission to share passwords have visibility of which passwords are eligible for sharing via the Shareable column in a list of passwords and on individual password detail pages.

To enable password sharing for all passwords in the IT Glue account, complete the following steps:

  1. From the top navigation menu, click Admin.
  2. In the General tab, which is selected by default, locate the Account Defaults section.
  3. In the Password Sharing section, select the Enable password sharing on all passwords check box. The Password Sharing check box will be automatically selected for each password in the account.

If you clear this check box and click Disable in the confirmation dialog box, the password sharing setting is automatically disabled for all passwords in the account. All active shared password links automatically expire, and all passwords slated for deletion are immediately deleted. Administrators and Managers can continue to enable the setting for individual passwords.

In the Shareable column on the Passwords page for an organization, a check mark is displayed for passwords with the password sharing setting currently enabled.

To change the password sharing setting for multiple passwords in an organization at once, complete the following steps:

  1. From the top navigation menu, click Organization.
  2. Select an organization.
  3. From the left navigation menu, click Passwords.
  4. Select any number of password check boxes, or select all passwords for the organization by selecting the check box at the top of the list.
  5. From the bulk actions drop-down menu, select Enable Password Sharing or Disable Password Sharing to apply that setting to all selected passwords.

When creating or editing a password, enable or disable password sharing by selecting the Password Sharing check box.

Sharing a password link

Administrators, Managers, Editors, and Creators can complete the following steps to share the details of any password with the Password Sharing setting enabled:

  1. From the Passwords page for an organization, select a password.
  2. Click Share Password.

  3. Enter the email address(es) of up to 20 desired external recipient(s).

    4. NOTE  To verify their identity and access the password details, a recipient will require access to the email address you enter.

  4. From the Expires after drop-down menu, select how long the shared password link will remain active before expiring.
  5. Select the Can be accessed once per recipient check box for each recipient to be able to access the password details only one time.
  6. Select the Delete password after link expires check box for the password to be automatically deleted after the amount of time selected in the Expires after drop-down menu.
  7. Click Generate Link.
  8. Click the Copy to clipboard icon to copy the password link.
  9. Paste the link in any medium you prefer and send the link to the intended recipients.

The link remains available for copying on the password detail page or in the Activity Logs until it expires. If the Delete password after link expires check box was selected, a warning banner on the password detail page indicates the impending expiration date and time.

Accessing a shared password as a recipient

For recipients to access the password details, they'll complete the following steps:

  1. Copy the shared link from wherever it was sent by the IT Glue user.
  2. Click the shared link or paste it into a web browser to open the authentication page to access the password.
  3. Enter their email address that was entered by the IT Glue user in the Share Password dialog box to receive a one-time verification code in their email inbox.
  4. Enter the verification code received via email in the Code field.

    5. NOTE  If the email address the recipient enters does not match an address entered by the IT Glue user, they will see the Verification Code page, but no verification code is sent.

  5. If successfully authenticated, the recipient will see the following details:
    • The password name.
    • The password expiration date and time.
    • The username of the IT Glue user this password belongs to, which they can copy.
    • The masked password, which they can copy.
    • If applicable, the one-time password, which they can reveal and/or copy.
    • If applicable, the associated URL.
    • If applicable, the notes populated for the password.


Manually expire a password link

On the password detail page, click Expire now and Expire Link in the confirmation dialog box to immediately delete the link and disable access for all recipients.