Skip to main content

Password Operations

About Passphrases

Secrets are objects that store credentials and related information saved to Device42, typically for the use of authentication during discovery.

Before creating your first Secret, you need to set a passphrase to encrypt all stored passwords. You won't be able to create a password without setting a passphrase, and failing to do so will result in the following error message:

If you back up and restore your data to a new Device42 appliance, you'll need this passphrase to decrypt (or see) the passwords.

Create a Passphrase

Navigate to Tools > Settings > Password Security and enter a 12-32 character passphrase. The longer the passphrase, the better. This is a one-time setup, so please choose your passphrase carefully and save it in a safe location.

Set PassphraseSet Passphrase

Add a New Secret

Navigate to Resources > Secrets >All Secrets and click Create.

You'll also have the option to add a new Secret from discovery job pages and anywhere else credentials are needed.

Add new SecretAdd new Secret

Fill in the following fields:

  • Username: Required for all accounts. Even if there isn't a username, assign one for easy identification and searching.
  • Label: Optional labels are helpful for differentiating between and searching for Secrets.
  • Category: Select a category or add a new one.
  • # Days Before Expiration: Number of days before the password expires.
  • Use Password: Selected by default.
  • Password Storage: Choose between Normal or Burnt. See Burnt Secret Storage for more information.
  • Password: Required when Use Password is selected. Click the eye icon to display the password.
  • Key File: Select an existing key file stored on your machine.
  • Devices: Optionally assign one or more devices to a password. Useful for easy searching and centralizing all device passwords.
  • Application Components: Optionally assign one or more Application Components to a password.
  • Notes: Searchable free text.
  • Last Password Change: Provide the date and time the password was changed.
  • Custom Fields: Assign custom field values. Learn more about creating a custom field for Secrets.

Assign Permissions

At least one user or group needs to be given permission to view and edit the password (otherwise, no one can edit it).

If View Edit Users and View Edit Groups are left empty, the logged-in user is automatically added to View Edit Users.

  • View Users: Users who can view the password.
  • View Groups: Groups that can view the password.
  • Use Only Users: Users who can only use the password.
  • Use Only Groups: Groups that can only use the password.
  • View Edit Users: Users who can view, edit, and delete the password.
  • View Edit Groups: Groups that can view, edit, and delete the password.

Generate a Password

When adding a new account and password, you can autogenerate the password. Click Generate Password at the top right of the Add Secret page. Click Use to insert the generated password or Generate Other to get a new password.

Generate Password windowGenerate Password window

The default case, number, and special character counts can be changed in the Secrets section of the Tools > Settings > Global Settings page.

Secrets section on Global SettingsSecrets section on Global Settings

View Secrets

Navigate to Resources > Secrets > All Secrets to display the Secrets list page. You can search for a password by username, label, Application Component, device name, or notes.

Note that the search bar doesn't return matches for passwords. You have to go to the Secrets list page to perform a search for specific passwords (stored in the Secret object).

By default, the password is not displayed. Click the blue eye icon to display the password or to hide it again. Click the blue copy icon to copy the password to your clipboard.

Secrets list pageSecrets list page

Click the Username to view the Secret, and then click Edit to display the Change Password page. Click the ellipsis icon to display the password.

View SecretView Secret