sharing of complete password vaults

[budachst]

In lastpass I am using the shared-password vault to setup some kind of family vault, where I can share and manage passwords that are available to other family members. This would make a great feature for passman to offer.

@brantje edit: Would you like this feature too? Please consider donating for it. Read more

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/41949458-sharing-of-complete-password-vaults?utm_campaign=plugin&utm_content=tracker%2F44880056&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F44880056&utm_medium=issues&utm_source=github).

[fredt34]

We also need to share sets of keys in our team between developers, sysadmins, sales guys: not all of them access all keys.

Is client-side password encryption such a good idea btw?? https://stackoverflow.com/questions/4121629/password-encryption-at-client-side#4121657

[fredt34]

Hmm my previous remark about encryption was stupid, apologies.

[PylsaPylsa]

This would be amazing and would definitely tip the scales all the way to passman for us to use in our team!

[rollollooo]

Hi @brantje ,

first of all thank you and the team for the great work so far. I would also love to see a team sharing and/or sharing of a complete tresor. Actually we are searching for a webbased password management solution in our team. We already use owncloud in our company and passman is a very interessting alternative to running a password management system in it's own enviroment. But the team/vault sharing feature is must have to use passman in teams or hole companys. I will talk to the owner of my company to donate some money for this feature. Is there a amount of money you need to get this feature implemented (maybe a kickstarter project)?

regards

[Braintelligence]

This missing function is what's keeping me from using Passman yet... it would be awesome if I could just pass vaults over to my clients.

[xrkolovos]

this project has started being dead. No one has written anything since summer. The owners are propably busy, and no one has taken the lead. We were waiting for this feature since last sprint, so we left passman behind.

[PylsaPylsa]

Unfortunately we have also moved on from passman and have recently adopted another product. No more need from us.

[Braintelligence]

@JurassicTommy Is the other product also open-source?

[metalcated]

I would recommend taking this off topic discussion somewhere out of respect even if this thread is mostly been quiet.

On Sat, Jan 27, 2018, 9:56 AM Braintelligence notifications@github.com wrote:

@JurassicTommy https://github.com/jurassictommy Is the other product also open-source?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/nextcloud/passman/issues/243#issuecomment-360990081, or mute the thread https://github.com/notifications/unsubscribe-auth/ABUYCgHFDSO9-QV1I8Ke-zY6eo6MPk5bks5tOzk2gaJpZM4L-i_r .

[marcmanusch]

Any news ?

[fir3wall]

I don't believe this project is maintained anymore ...

[enoch85]

This is open source which means people work in their spare time. In this case @brantje is busy with regular work and don't have so much time to spend on this app. With that said, this app is not not maintained, it's just that lack of time has made it seem that way.

[animalillo]

As @enoch85 said, we still maintain this app, we just don't have time to implement new features.

With that said if there are pull requests we will gladly review and merge them if they fit they improve the project and fit our quality standards.

We hope to get some extra free time and be able to invest it on passman, but currently that's near impossible for us.

[PylsaPylsa]

As much as I understand and appreciate your position, I don't think you should keep donation links (for specific feature implementation) open whilst the work on it remains seemingly postponed indefinitely. I'm not saying I have donated but it just doesn't seem too fair. But maybe that's just me.

[wrapper]

Dropping a + 1 for this feature, unfortunately the system has no use for me without it

[enoch85]

Please stop with +1s, Everyone in this issue gets notified. It's much better to hit the like button on the original post instead.

Thank you.

[KimTheFirst]

For the reference of anyone who hits this and is desperate; I just got some limited group based sharing going but I'm probably not going to use it. I did it by hacking the credentialMapper and some other files along the lines of:

public function getCredentialsByVaultId($vault_id, $user_id) { if(VaultShare::isShared($vault_id,$user_id)){ <<<Look up a table of shares! $sql = 'SELECT FROM `PREFIXpassman_credentials` ' . 'WHERE vault_id = ?'; <<Query no longer conditional on user ID being a match! }else{ $sql = 'SELECT FROM *PREFIX*passman_credentials ' . 'WHERE user_id = ? and vault_id = ?'; }

and so forth. I have no UI for creating the table and it's just a straight up two column table, but hopefully you get the idea. This is literally all you need to do as long as you can figure out how to get data into that table / array / etc. It does not tie in to any other nextcloud features, groups, etc, probably opens up security issues, causes nuclear war, etc. But it does work.

[LordVan]

I thought of one workaround (at least for teams): create a seperate user in nextcloud, create a vault and share those passwords within the team. -> by far not ideal, but I'd be more confident in that in a production system than some hack (no offense @KimTheFirst .. you said yourself you probably wouldn't use it either though ;)

That said .. proper sharing of a whole vault would still be best of course . what is the status of this? @brantje do you think and/or someone else will have time to look at this in the near future?

[huynhcongdanh]

@LordVan Yup, our team has been using the shared user account with SSO/LDAP integration since beginning of this year and it works great for us so far.

[adocampo]

I would also ask for this, as I'm facing that need on a organization used to LastPass and I've convinced to change to Passman :smiling_imp:

[RebootFixesAll]

I would love this feature let me know if there is any way i can help speed along the process.

[michaelkarrer81]

+1 would be a great feature!

[MrMEEE]

+1

[robin-thoni]

What about storing the vault in a regular file that can then be shared using Nextcloud built-in share feature? That also means all users would share the same vault password, which sounds acceptable for me.

[larsziegelmann]

What's the status of this issue? Is anybody working on it?

[tibring]

Could you give us an update of the estimate?

[mainmachine]

I had high hopes for this app, but at this point I've switched to bitwarden. I think NC needs to drop passman and integrate with an established password manager - bitwarden is the obvious choice for the license and self-hosting capability.

[metalcated]

I also use BitWarden. Great app

On Thu, Oct 22, 2020 at 11:34 AM David Martinka notifications@github.com wrote:

I had high hopes for this app, but at this point I've switched to bitwarden. I think NC needs to drop passman and integrate with an established password manager - bitwarden is the obvious choice for the license and self-hosting capability.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/nextcloud/passman/issues/243#issuecomment-714577292, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAKRQCVVKZBAEZKBYNAQQF3SMBGI3ANCNFSM4C72F7VQ .

[LokeYourC3PH]

So we're in 2023, and yet nothing on this. And all that would be necessary, is to just assign a Vault to a "Group" rather than a single individual, and it would show up for everyone just like Group Shared folders. Shame it hasn't been implemented even after 6 years, would've been a great collaboration tool for NextCloud.

[simaoafonso-pwt]

And all that would be necessary, is to just assign a Vault to a "Group" rather than a single individual, and it would show up for everyone just like Group Shared folders.

If it's so simple, where's your patch?

---

I think integrating to Vaultwarden would be a better use of resources than implementing this, as @mainmachine mentioned before.

[raoel]

@LokeYourLord chances are all this code is voluntary work, that you do not have to pay for to use.

[JVKeller]

Has any of this been implemented yet? I can only see the option to share one password at a time, nothing with tagging.

[knixx-fm]

This is what a dead repo looks like. The project got stuck on the main feature for a cloud: sharing

[simaoafonso-pwt]

Yet another comment on this "simple" issue without a link to a Merge Request, wasting the time of the 40 people subscribed to this issue...

[mainmachine]

Yet another comment on this "simple" issue without a link to a Merge Request, wasting the time of the 40 people subscribed to this issue...

Actually there is value in their comment - it's reminded me to unsubscribe from this issue. :rofl:

[knixx-fm]

My pleasure.

[knixx-fm]

Hi!

It's me again.

Thank's for pushing so hard on this issue but we can all take a break now. The issue can be closed. The solution is: https://github.com/bitwarden

Thank's to all the developers, that came up with the brilliant idea to spoil their users with kind support and open ears for all those years, on this single issue.

Have good night and tip your waitresses!

Edit: P.S. Please make sure to do a PR of the bitwarden repo to your broken repo. All you have to is to throw out your logic and merge that web-frontend into a nextcloud. - I know it may sound a bit odd, but keep in mind how long it took you to get this far. And you have not even accomplished any goal that would make this app usable for teams. Just saying. Sometimes you should face the facts.

Have a very nice day!