Login entries - Require techs enter a justification to access passwords

wrongecho

How would we feel about a box that requires technicians to submit a justification (or valid ticket ref) the first time they access a specific login entry's password (per day/per X hrs since last accessed).

There wouldn't be any sort of approval process, but the time, entry details and justification would be recorded in an audit log so satisfy security framework requirements.

[upl-image-preview url=https://forum.itflow.org/assets/files/2023-10-02/1696284197-848247-image.png]

I was thinking this could be configurable per login entry (as naturally some passwords are more sensitive than others), or alternatively have a global on/off option per client?

Tracking: https://tasks.dev.itflow.org/task_details.php?task_id=131 (itflow-org/itflowissues/744)

This will require some major rewriting to achieve as individual login/password access currently is not (and can not) be logged.

ruggedit

wrongecho that would be awesome!! I would also like to see a place to leave Notes in an account for billing.

JosephWithCOR

IMHO, it is a great start especially if it could be linked to or from the client / ticket / asset.

Bonus points if you could selectively enable an email to the technician's supervisor or admin.