Try for Free Contact Us
Key Features
  • Microsoft Azure
  • Remote Monitoring & Mangement
  • Antivirus & Antimalware Protection
  • Backup & Disaster Recovery
  • Documentation & Asset Management
  • Ticketing & Helpdesk
  • Top-Tier Security Compliance
    • One Platform
    All the Features

    Documentation

    Passwords

    The Passwords section in MSPControl allows you to securely store and manage sensitive credentials (e.g., admin passwords, API keys), optionally protected by extra authorization. You can assign peer tags, enable multi-factor authentication (MFA) secrets, and control which peers can view or receive each password.

    All passwords and certificates are stored in Azure Key Vault (it’s free up to certain usage limits), ensuring that nothing is stored locally.

    Passwords

    Enabling the Password Manager & Azure Key Vault

    Before using the Passwords feature, you must enable it in the policy settings and configure Azure Key Vault:

    1. Go to Settings > Policies > Documentation > Password Manager Policy
      Here, check Enable Password Manager to activate the functionality.
    2. Enter Your Azure Key Vault Credentials
      Provide the Tenant ID, Client ID, Client Secret, and Vault Base Url associated with
      your Azure Key Vault. MSPControl will use these details to securely store and retrieve your passwords and certificates.
    3. Set Expiration of Passwords List View Link
      (Optional) Configure how many hours a generated password link remains valid before expiring.
    4. Save Changes
      Your configuration is now active. The Passwords section will appear in the menu under Documentation.

    Without enabling the Password Manager and providing valid Azure Key Vault credentials,
    the Passwords functionality will be unavailable.

    Password and Certificate Policy

     

    Password and Certificate Policy configuration

    Overview

    The main Passwords page lists existing credentials, showing:

    • Description – A brief label or identifier for the stored password.
    • Tags – Peer tags that help categorize or indicate ownership/relevance.
    • Created Date / Updated Date – Timestamps for when the password was created or last modified.
    • Requires Authorization – Indicates whether the password requires explicit authorization to view.

    You can filter passwords using the search bar, Tags, or Peers dropdown.
    A Show Disabled option lets you display previously disabled credentials if needed.

    Passwords

    Creating a New Password

    1. Click “Create Password”
      Opens a form to define the new credential.
    2. Description
      Provide a short descriptive label (e.g., “Router Admin Password”).
    3. Password
      Enter or generate a secure password. You can click Generate Password to have MSPControl create one automatically.
    4. MFA Secret
      (Optional) Store a TOTP (Time-Based One-Time Password) secret if you need to manage MFA credentials here.
    5. Peers Tags
      (Optional) Add peer tags to indicate who this password is for or relevant to.
    6. Requires Authorization
      If enabled, only peers explicitly listed under “Peers With Access” can view this password.
    7. Peers With Access
      Select peers who can access the Password. You may also set an expiration date/time for temporary access.
    8. Notify on Access
      If enabled, triggers a notification whenever someone views the password, helping you track usage.
    9. Create Note
      (Optional) Attach a note with additional context (e.g., usage instructions or configuration details).
    10. Submit
      Saves your new password, which appears in the list. Access will be governed by peer settings and authorization requirements.

    Create a Password

    Actions on Existing Passwords

    Select one or more passwords, then use the -Actions- dropdown to perform bulk operations:

    • Set Requires Authorization – Toggles whether the selected passwords require extra authorization to view.
    • Add Peers With Access – Grants specific peers or groups permission to view the selected passwords.
    • Delete Peers With Access – Removes previously granted access from chosen peers.
    • Add Peers Tag – Assigns a peer tag (e.g., “Finance,” “Development”) to the selected passwords.
    • Delete Peers Tag – Removes an existing peer tag from the selected passwords.
    • Send Password – Sends the selected passwords to specified peers (via email or in-app message, depending on configuration). Use with caution.
    • Delete Selected – Permanently removes the selected passwords from the system. This action cannot be undone.

    Disabling vs. Deleting

    Instead of deleting a password you no longer use, you can mark it as “disabled” in its edit screen (if supported), preventing further use while preserving a record of it. Toggle Show Disabled to view or hide such credentials in the list.

    Best Practices

    • Use Strong Passwords – Rely on the Generate Password feature to ensure robust,
      random credentials. Avoid reusing old or insecure passwords.
    • Enable Authorization for Sensitive Items – If the password grants significant access (e.g., domain admin), enable Requires Authorization to add an extra verification layer.
    • Use MFA Secrets Wisely – If you store TOTP secrets, ensure only the appropriate admins or peers can view them.
      Consider enabling Notify on Access for an extra audit trail.
    • Review Access Regularly – Periodically check which peers have access to important passwords, and remove or disable credentials that are no longer needed.

    Boost efficiency and profitability with MSPControl.

    No credit card required for free, limited license.