The Enterprise Password Safe is designed to solve the problem of password management, protection, and access auditing in multi-user, multi-system environments. The EPS currently protects the passwords of a wide range of organizations around the world including Fortune 100 companies, small and medium businesses, government agencies, educational institutions, and charities.
The Enterprise Password Safe secures data using a multi-layered combination of the RSA, AES, and PKCS5-3 encryption algorithms. It also provides access controls at the group, user, and network levels. The EPS logs privileged operations and allows real time email alerts to be sent to a nominated list of administrators.
The EPS adapts to your infrastructure and doesn't require you to adapt your infrastructure to accommodate it. It can use SQL Server, Oracle, DB2, MySQL, PostgreSQL, or HSQLDB to store data and you can create backups using any solution approved by your database vendor. You can recover from the loss of the EPS and associated database server by restoring the database, installing a new copy of the EPS, and pointing the new EPS at the recovered database. It's a simple as that.
The Enterprise Password Safe does not require any program to be deployed on client machines. It can be accessed using any modern desktop web browser such as Internet Explorer or Firefox, and doesn't require any browser plug-ins, ActiveX controls, or other web deployed client software. This significantly reduces the amount of work involved in testing and deploying either the initial installation or any upgrades when compared to a solution with a requirement to deploy program on every client machine.
If you feel that the EPS could be of use to you please click here for a free one month trial (registration not required).
The EPS uses an encryption chain (as illustrated on the right of this page) which ensures that the information needed to decrypt passwords is not entirely stored in the database. The EPS also performs all encryption and decryption in memory in the software server, thus ensuring that the data does not get transferred over the network or permanently stored in an unencrypted form.
The EPS maintains an audit log of all accesses to passwords and can be configured to send e-mail alerts whenever a password is accessed or modified. The EPS can also retain historical versions of passwords to ensure that you can still access accounts which may have been restored from old backups.
The EPS does not require any special operating system configuration and uses the database to store all information which allows you to use your existing replication and backup procedures to operate disaster recovery sites or make backups of the passwords held by the EPS.
If you have concerns about the security measures the EPS uses we recommend you perform an independent audit of the system to satisfy yourself of it's security. We do not try to hide how the system works or what program it uses because we believe the EPS is secure, and if you decide to audit it yourself we believe you will come to the same conclusion.

Operating System: Any OS where Java 1.4 support is available

Supported Databases: SQL Server, Oracle, DB2, MySQL, PostgreSQL, HSQLDB

Encryption Standards: PKCS5-3, AES, RSA

Storage Metaphor: Searchable Hierarchy

Access Control: User, Group, and Network level

Auditing: Cryptographically signed log entries and optional email alerts

Import Formats: CSV for users, groups, and passwords

Exportable Reports: All Passwords, Access Configuration

The license of this software is Commercial,