What is Passportal?
Passportal software suite is a password and document management system developed by SolarWinds. Passportal allows for the secure storage and password management primarily geared toward managed service providers and network operation centers.
Passportal was built around providing the right mix of security, organization, and accessibility for network technicians providing client services, such as endpoint protection. Passportal removes the risk of insecure password management methods such as Excel spreadsheets and replaces it with a centralized user-based software solution.
Any device on a network can utilize Passportal’s storage. With its centralized encrypted database, all of your managed client’s passwords can be organized and secured in one location.
This allows network technicians to gain access to devices and servers in just one click, without having to know or type the password.
In this Passportal review, we’ll dive into all of the software’s features, use cases, and even test it out in an MSP environment.
How Much Does Passportal Cost?
Like most B2B software companies you’ll have to schedule a live demo to get accurate pricing. Their pricing model works on a per-user charge. At this time, Passportal costs start from around $20.00 (GBP $16.17) a month per user and the cost can increase when you add on additional features such as Documentation Manager.
What Are Passportal’s Key Features?
Passportal is designed to make network technician’s work more streamlined while still maintaining compartmentalized security to your client’s assets.
Passportal Accessibility
Passportal is accessible via a lightweight cross-platform browser plugin that can be used for quickly getting access to privileged logins across any environment. It’s currently compatible with Firefox, Chrome, Edge, and all Chromium-based browsers. The interface is easy to use, and once you’re signed in to your Passportal account, you have instant access to your passwords.
From a management perspective, this feature lets your technicians have secure access to Passportal from any device without having to connect to a VPN or be inside the company network. This also eliminates insecure practices such as writing down passwords or taking pictures of complex passwords on a phone.
As a technician, Passportal will save you valuable time logging into devices, networks, and websites. No need to worry about remembering complex passwords or transporting that information insecurely on-site.
If your organization uses ScreenConnect to remotely manage networks, Passportal has a plugin that connects right into the ScreenConnect window. This allows for the same convenience and ease of access found in the browser plugin.
Third-Party Integrations
There are many different types of RMM, PSA, and third-party integrations that Passportal can tap into to keep your data accessible and up to date. This includes platforms such as SolarWinds RMM, ConnectWise, Auvik, Datto, NinjaRMM, and KaseyaVSA.
The ConnectWise integration is particularly useful for MSPs and can dramatically cut down on time spent hunting for passwords and scrolling through emails for credentials. Passportal fits right into the ScreenConnect window and can pull down the passwords you need in just a few clicks.
One of my favorite integrations is Passportal’s ability to automatically sync client information and assets directly from Auvik, right into Documentation Manager. This allows larger organizations who rely heavily on network management to avoid duplicate content, and missing client assets across their platforms.
Passportal is also fully compatible with all Windows domain controller environments as well as Azure AD and Office 365.
Self Service Password Reset
Passportal’s self-service password reset allows for both end-users and NOC technicians to reset their own passwords if they get locked out. This is done via multi-factor authentication.
The password reset feature is an excellent tool for technicians to quickly manage their own user accounts if needed.
This feature can also be implemented for your client’s organization as well. With an LDAP integration, end-users could unlock their own Windows-based account via multi-factor authentication.
Self service password resets can be accessed by users via the SolarWinds Passportal Blink Mobile App. This application links back to your Windows environment and allows users to authenticate to the network and reset their credentials in roughly one minute.
Blink Mobile App uses biometric fingerprint scanning right on the smartphone to verify a user’s identity and reset their password. Users will receive a one time temporary password that they will change once they log in.
While the process is simple, this might take some time to smoothly implement across an organization. Users will also need smartphones with fingerprint scanning to utilize the biometric authentication feature. Over time, this feature should drastically cut down on forgotten passwords and locked account tickets.
Reselling The Passportal Service
In addition to using Passportal internally for password and client documentation management, you can also resell this service using the white-label capabilities to your existing managed client portfolio.
Passportal gives you full control and allows you to repackage the software with your own colors, style, and branding. This gives your clients access to the same password protection features that you use internally.
Network Integration
Passportal can connect to any Windows server environment via an LDAP connection. This allows for seamless password resets and the syncing of windows accounts to Passportal.
When a user changes their password in Windows, it automatically syncs with the central company password vault. This is an excellent feature for technicians who need to test applications under a certain user or perform after-hours work.
With one click the user’s password is securely entered without the technician needing to ask the end-user, or see their credentials.
Secure Password Sharing
On the administration end of Passportal there are a few great ways you can securely share passwords internally and break that access down by group.
For example, you can create a password vault that level 1 support has access to, and another client vault where only level 2 and 3 technicians can gain access. This segmentation and flexibility was truly built with the MSP in mind, and allows for more internal security and control.
Outside of the group company vault, each technician can have their own private Passportal password storage. This will allow them to save their personal passwords to vendor sites, or other tools safely and separately them from the company password storage.
I personally enjoy this level of flexibility, this encourages the use of password management across the entire organization both internally and externally.
Passportal Security
Passportal’s key focus is on increasing network technician efficiency while maintaining the highest level of security. With 81% of company data breaches stemming from poor passwords, Passportal aims at tackling this problem head-on by encrypting long complex passwords in a secure digital vault.
A massive risk to MSPs comes from attacks that originate internally. Whether that be a disgruntled employee or a simple accident, the amount of damage that can be done from poor password management internally could be detrimental to you and your client’s business.
Passportal addresses internal security through compartmentalization. It’s ultimately up to the MSP how they want to separate network access, and Passportal makes that functionality easy to implement.
You can create groups within Passportal that can restrict certain levels of technicians from accessing certain passwords. Or if your team members are assigned specific clients, restrict their access to only their clients. This can be done at scale on a per device, client, application, or user basis.
Passwords inside Passportal are encrypted with AES-256 bit encryption a minimum of 300 times using 6 different SHA-256 randomized hash keys. Two keys are generated per password and one of those hash keys is not generated or stored by Passportal.
When you register with Passportal you’ll be required to create an organizational passphrase. This generates a remote encryption key that lives outside of the SolarWinds Passportal
In addition to the password storage security, all communication data is encrypted with 2048-bit SHA256 SSL to ensure your information is protected both at rest and in transit.
Having a secure centralized password solution also enables managed service providers to be confident that when their own technicians leave they are not taking any privileged company information with them. Restricting access to hundreds of devices is as simple as disabling one account inside of Passportal.
Auditing Inside Of Passportal
The audit tool makes Passportal an incredibly powerful tool for any organization looking to have a solid chain of actions they can review. Choose from 9 different types of reports to gain insight into how your users are using Passportal
- Changed Passwords Reports allow you to audit any password that has been changed for a selected date, or group.
- Client Audit Log lets you view all actions done for a particular group or client.
- Passportal Logins Report provides an overview of all logins within a certain date range or group. It also provides the IP address of each login.
- User Audit Report gives you all details on a specific user.
- Password Complexity Report tests the complexity of a client or group’s password. This is great for identifying end-users who need password policy training.
- Client Password Report lets you export or import all the passwords for a specific client.
- Passwords Known By User displays all of the passwords a specific user has access to. This can be applied to groups as well. This is useful for auditing access control.
- Unchanged Password Report audits users and groups and reports back the last date their password was changed. This is another report that could be used to identify users who need further network security training.
- Passwords Input By User can show you exactly who put in what passwords. This can be sorted by groups as well and is a useful tool when auditing where a specific user has signed in overtime.
Passportal Documentation Manager
Documentation Manager is an additional part of Passportal that ties directly into making the help desk more efficient by managing all the documentation access for the network operation center.
Documentation Manager can organize all documents an MSP may need to keep track of. From vendor information to client SOPs, Passportal’s Documentation Manager has it covered. This is an additional feature that will need to be activated by your account manager if you have not paid for it already.
Over time, unorganized procedures and “insider knowledge” can considerably limit a service provider’s growth, and add unnecessary time to otherwise simple tickets. Documentation Manager aims to be the final place for procedures, client information, vendor contacts, licensing, and certificates.
If your MSP is already behind and has a lot of unorganized assets they will need to spend the time uploading all of the files into each client’s section. Luckily, Passportal provides a clean interface and a simple procedure for moving files over. It might take some time, but will be well worth it once everything is organized.
Much like the permission settings in Passportal’s password manager, Documentation Manager uses the same system of providing user access. Documents and clients can be restricted to specific users, or specific groups depending on your needs and team structure.
All documents can be audited as well. This will provide details such as who has viewed or made changes to a specific document.
Utilizing Templates In Passportal
Documentation Manager helps keep policies and procedures uniform and organized by using document templates. This allows network technicians to quickly and accurately find information to ultimately close out tickets faster.
A major problem for MSP help desks is the ability to find information quickly while troubleshooting. Documentation Manager aims to solve this by creating a centralized database where information is not only stored, but given a framework and method of organization.
The template system utilizes a block type style where you can configure certain templates for any specific policy or procedure. The column count feature is a great way to break down complex long-form tasks and make them manageable and easily understandable for the help desk.
Within the column, you can add elements such as checkboxes, text areas, divider lines, and linked items.
Linked items help keep each procedure clean and organized while still creating a clear path between the documents for technicians to follow. We’ll touch more on linking later in the review.
This not only increases the technician’s efficiency but also makes onboarding new team members a much smoother process.
Linked Items
As you begin to fill the Documentation Manager with your procedures, SOPs, and client information, you can start to take full advantage of the linked items feature. When you link a document you create a relationship between the two pieces of information. This allows for those related items to show up in the unified sidebar while you’re working.
For example, if you’re in the middle of a procedure that requires you to go and copy an encryption key, rather than leaving the document to go find it, that procedure populates that relevant information in the sidebar.
Information like phone numbers, admin passwords, encryption keys, geo-locations, and email addresses can all be accessed or copied with one click of the linked item icon.
This drastically eliminates the hunting and pecking of information throughout your origination and saves a massive amount of otherwise wasted time.
Runbook
Another power feature of the Documentation Manager is the ability to produce Runbooks.
A Runbook is a collection of documentation, articles, password, and any other relevant information you might want to group together and view.
Runbooks can be completely customized by the type of information they contain, but it’s primarily used to export information about specific clients.
Choose exactly what category of information you include in your Runbook via simple switches. This makes exporting information that needs to be shared with vendors, partners, or contractors easy, safe, and convenient.
If you need to include passwords in your Runbook you can choose to include them either asterisked or in plaintext. Once you’re ready, you can export and begin to build out your Runbook. You have the option to instantly create your Runbook, or schedule it for a specific day.
The scheduling feature is particularly useful if you need the information to be as up-to-date and as accurate as possible.
Public Document Publishing
The Public Document Publishing feature gives you a secure and convenient way to share documentation with vendors and external users. Within the Documentation Manager, public documents are labeled with an icon so you can easily identify what information you’re sharing with specific parties.
Public documents have a host of features that help control your information and restrict access based on your organization’s needs. Only the Organization Admin and Publish Item role can publish documents by default.
Documents can be shared once the Enable Public Link button has been switched to on. A link is generated and from there you’ll be able to customize whether you want the link open to anyone who has it, or password protect the document for further security.
Public Documents also contain useful features such as expiration dates, where the information becomes unavailable after a specified date or time. There’s also the ability to limit the document’s access by the number of views, where the document will expire if a certain view threshold is met.
As quickly as you published the document you can retract that access and make it private again. With a simple click of the radial menu, you can choose the Remove Publishing option. This instantly revokes access to the document and removes the published state of the document.
Passportal Pros & Cons
Passportal Review Conclusion
Passportal is a comprehensive password and documentation manager that serves the needs of MSPs and NOCs extremely well. Passportal brings powerful features and tools to the table while still utilizing a beautiful and sleek user interface.
Pros:
- Supports automatic Active Directory sync via LDAP
- Can run access audits to easily identify internal changes made during a period of time
- Supports compliance reporting to identify weak passwords and force changes base on policy
- Users generate their own encryption key, securing their cloud data from third parties, including Passportal
Cons:
- Smaller networks may not benefit from the MSP/enterprise-specific tools Passportal offers
Passportal solves many of the most common and frustrating problems service providers experience while satisfying both the needs of the technicians as well as the management. Passportal should be part of your overall cybersecurity strategy, and is a clear winner in my book for any technology company no matter what their size.
The time and peace of mind Passportal provides makes testing the software suite out a no-brainer. You can register for a free demo of Passportal with all of its features via the link below.