Password Vault

Eliminate the risk of sharing privileged passwords with Kron PAM's enhanced Password Vault.

Download Datasheet Request a Demo

Centralized Password Vault

The Kron PAM™ Password Vault keeps all passwords in a secure, centralized vault, in fully encrypted form and assigns strong and unique passwords to your target hosts, as well as automating the randomization of your passwords. Enables user accountability and unified visibility of who used which system credentials for what purpose and when. Provides trails required to comply with internal audits and regulations.

Centralized Password Vault
One-time passwords (OTP)

Makes sure the real user of the local account is indisputable. The Kron PAM DPC logs which real user checked out the OTP (One-Time Password), along with the beginning and end times.

The passwords are not shared among employees. The password is valid for a limited time and even if an employee shares it, he is still accountable because Kron PAM DPC indisputably logs which real user checked out the One-Time Password.

Secret Data Vault

Kron PAM's Password Vault not only secures privileged account passwords but also stores & manages sensitive information such as private passwords, documents and digital identities (SSH keys, certificates and digital assets).

Enable Personal Accountability

Provides audit trails of who used which system credentials for what purpose and when.

Two-level Managerial Approval

One or two-level managerial approval processes can be applied for password check-out.

Always Strong Passwords

Makes sure strong passwords are used for local and service accounts by having the Kron PAM Password Vault generate them.

Zero-Touch User Provisioning

Auto enable new user account with privileges when a new employee starts work (integration with enterprise Active Directory or LDAP is required). Also enables the auto lock of the user account when an employee terminates employment (integration with enterprise Active Directory or LDAP is required).

Split Passwords

The passwords of critical systems can be split into pieces by the DPC so that connections to those systems can only be authorized by the participation of all the users.

Secure Application Passwords

Application accounts are used to access databases, connect network devices or other applications, run batch jobs or scripts. The passwords for these accounts are often embedded and stored in unencrypted text files, DB or in source code. Most of the time, these passwords are not changed regularly and can easily be found by people who have access to the server that application runs on, which constitutes a security vulnerability.

The Kron PAM AAPM enables enterprises to remove these static passwords stored in applications and keep them in a secure Password Vault. Kron PAM provides a token-based authentication for 3rd party applications while accessing the password vault. This authentication process verifies the application identity and gives secure access to the password associated with that identity.