Locally Hosted Password Management
- Choice of access via many devices and methods:
- KeePass Client (Windows desktop)
- Bruce Schneier's Password Safe Client (Windows desktop)
- Mac Client (OSX)
- Browser Web Client
- Apps for Android, iOS and Windows Phone devices
- Administrator control over access to single passwords or folders.
- Administrator control over company-defined set of hierarchical user roles (grouping users into roles).
- Centralized policies/configuration (optionally mandate what a group of user's client settings should be).
- Copy role and password access function makes user default allocation simple.
- Credit card information, Sin numbers, product keys and passwords, and even files can all be safely stored.
- Import and export capability.
- Backup and restore capability.
High Security
Threat Type It Protects Against | ||
Security Measure. | External | Internal |
Passwords always stored in the server database, never locally. | ||
Secure SSL connection to server: 128-bit SSL certificate. | ||
Database is encrypted using FIPS 140-2 compliant AES256 encryption algorithm. | ||
SHA-512 Hashing Algorithm. | ||
In-Memory Passwords Protection: Passwords are encrypted in memory while KeePass is running. | ||
Clipboard Clearing: After a few seconds of using a password, the clipboard is automatically cleared. | not applicable | |
Server within your Intranet: You can run the database without any access outside of your company walls. | not applicable |
Read more about FIPS Compliance.
Compare Editions
Feature | Enterprise+ | Enterprise | Community |
Share Data Securely
Create, Import, and securely Share access to encrypted entries like passwords, data, and other sensitive information. More details... |
|||
Paranoid™ Module (Zero Knowledge Encryption)
No one can gain access to your passwords. Only you can view & share. Enable device level End-To-End Encryption (E2EE) options to keep secrets from the server, host, and database. More details... |
|||
Quick Installation
Achieve and move on with SQLite AES256 Encryption and IIS Express set up automatically. More details.... |
|||
On-Premise Solution
Control your data on site with local hosting and a perpetual use license. More details... |
|||
Azure Integration
KeePass Hub can be installed on Microsoft Azure. Additional Azure integration options are possible with Enterprise and SSO editions. More details... |
|||
High-Availability Integration
Achieve maximum up-time with load balancing and failover compatibilities. More details... |
|||
KeePass for Pleasant Password Server
Our included KeePass client utilizes the highly secure and user friendly open source interface. More details... |
|||
Web Browser Access
Access data easily through the web client with no additional installation required. More details... |
|||
Autofill Browser Plugin
Seamlessly Autofill credentials via browser plugin, securely retrieve and store passwords. More details... |
|||
Mobile Access Clients
Android and iPhone mobile clients provide secure access through your preferred device. More details... |
|||
Multi-Factor Authentication
Add additional layers of login security with Authenticator apps (TOTP), Biometrics, Yubikey, RADIUS, Email 2FA. More details... |
|||
Authenticator Key (TOTP) Generation
Generate and store TOTP values for Two-Factor Authentication (2FA), Authenticator apps. More details... |
|||
Manage Users
Manually create/delete/edit/disable users, assign roles, change passwords, etc. More details... |
|||
Manage Roles
Create roles, assign permissions and/or select sub-roles. More details... |
|||
User Access View
Create and change User/Role Access Levels for password entries. More details... |
|||
Folder Management
Add/Edit/Move/Delete a folder directories for easy organization. More details... |
|||
Search and Browse Passwords
Easily find the passwords and data you need to access. |
|||
Import credentials from KeePass and other Password Managers
Users can import from single user versions of KeePass and in various formats: KDB/KDBX/CSV/XML/TXT. More details... |
|||
Inherited User Access
Set global access at the root or on any branch of the folder tree. |
|||
Supported Languages
English, German, French, Japanese, Spanish, Dutch More details... |
|||
Multiple Database Types Supported
Choose from SQLite, MSSQL, Azure SQL or PostgreSQL. More details... |
|||
Password Generator
Generate Highly Secure Passwords makes it easy to produce passwords from custom profiles. More details... |
|||
Default Password Profiles
Select a default password templates for all newly created entries. More details... |
|||
Private Folders
Users can keep their own data secure and hidden within the database. More details... |
|||
File Attachments
Files are encrypted along with the password entries. |
|||
API-based Access
Programmatically access credentials through the RESTful API. More details... |
|||
Web Client Customized Settings
Customize the web client display and global settings. More details... |
|||
Scheduled Reports
Configure the recipients, frequency, time, and parameters of audit reports. More details... |
|||
Access Reports
All Settings Reports, User Access Report, Role Access Report. More details... |
|||
Enhanced Reports
Access Frequency, Password Expiry, Password Age, Password Strength and Load Reports. More details... |
|||
KeePass and Mobile Client Offline Mode
Users can create a cache of their passwords so they can be easily accessed offline, with an Administrator set expiry date. More details... |
|||
Password Safe For Pleasant Password Server
Integrates with Bruce Schneier's Password Safe client interface. More details... |
|||
OS X Client
Proprietary password client for Apple OSX users. More details... |
|||
Password History
See the full credential history via Web Client. More details... |
|||
History Restore
Restore any key History items such as Titles, Usernames, Passwords, URL's, Notes, Custom Fields and more. More details... |
|||
Lockout Policies
Set Lockout policies for failed login attempts and alert Administrators. More details... |
|||
Timeout Policies
Configure inactivity log out settings for web and application clients. More details... |
|||
Offline Server Activation
Run your server in a secure air gapped environment, no internet access or external access ports are required. More details... |
|||
Direct Linking to Entries
Share links to entries with your colleagues, with the data safely secured on your server. |
|||
Client Certificate Authentication
Advanced security mechanism allowing connecting Clients to prove their identity to a Server and vice versa. More details... |
|||
Custom Fields
Add custom data fields to your entry to accommodate various value types. More details... |
|||
Audit Events & Compliance
Almost 200 audit event types record user activity and are securely stored and encrypted. More details... |
|||
Logging to Syslog
Password Server can be configured to log events to a Syslog Server. More details... |
|||
Active Directory Integration for Users Access
Get user list from a selected server and select the ones you want to import as users with Windows login access. More details... |
|||
Active Directory Integration for Group Access
Get group list from a selected server and select the ones you want to import as roles. More details... |
|||
Auto-Import New Active Directory Users
Set up a user directory for new AD users to automatically receive Password Server Accounts. More details... |
|||
Active Directory Schedule and Health Check
Regularly sync AD account information and check the directory connection status. |
|||
LDAP and Open LDAP
Supports Lightweight Directory Access Protocol Integration. More details... |
|||
Database Backup / Restore
Automatic Scheduled backups of your encrypted server database. Restore databases quickly and easily. More details... |
|||
Email Notifications
Setup automatic Email Notifications when selected Roles/Users carry out triggering actions. More details... |
|||
Expired Password Notification
Email users and roles when a password is about to expire. |
|||
Scalable Licensing and Support
Stay secure as your organization grows with prorated, upgradable licensing available from 5 to 10,000+ users |
|||
Create New Access Levels
Decide what kind of access a user has and what access they can grant to other users. More details... |
|||
Custom Client Configuration
Create configurations which enforce policies and assign them to specific users or groups. More details... |
|||
Audit Log Quick Filters
Create custom quick filters for reviewing common operations or schedule outputs as a report. |
|||
Appearance and Branding
Customize the Web Client by adding a company Logo and choosing one of the available background themes. More details... |
|||
Bulk Management Operations
Update User and Role attributes dynamically with custom filters and operations management. |
|||
Advanced Folder Options
Create User Preference, Favorites, and Archives for folders for added functionality. More details... |
|||
Pleasant Reset Server Integration
Additional Active Directory Reset accounts available on separate licenses or as a stand-alone product. |
|||
Self-Serve Active Directory Reset
Active Directory / LDAP users can reset their account password from the Windows Log On screen or via web browser. More details... |
|||
Time Limited Access
Access to entries and folders can be granted with a time limit for temporary access. More details... |
|||
Custom Reset Challenges
Configure requirements for account password resets using custom text and image based Reset Challenges with optional multi-factor authentication. More details... |
|||
Required Comment Field
Administrative setting that requires a user comment for accessing a credential. More details... |
|||
Rotate and Sync Privileged AD Credentials
Password Auto-Changer allows AD and Unix system passwords to update on a schedule. More details... |
|||
Store Privileged AD Credentials
Import your existing Active Directory Credentials as new secure entries. More details... |
|||
Email Templates
Custom notification templates to alert users to changes from on server. More details... |
|||
IP Range Restrictions
Limit access to Password Server and enforce different login criteria based on the IP of incoming requests More details... |
|||
Security Zones and Elevation
Allow authorized users to elevate to a increased level of access when required, while using normal permissions for day-to-day tasks More details... |
|||
Request and Approval
Allow authorized users to request access to Folders/Entries, and for designated approvers to be notified, view, and Approve/Deny the request. More details... |
|||
SAML Single Sign On
Log in to Password Server with your preferred SAML Identity Provider More details... |
|||
Universal SSO™ Module (Details)
Added module for Enterprise, it provides unmatched security by never loading a credential on a user's device. More details... |
|||
SSO Proxy for SSH
Highly secured Single Sign On Access to Unix. More details... |
|||
Paranoid™ Module ( Zero Knowledge Encryption )
Enable client-based, device level, End-To-End Encryption (E2EE) keeping secrets from the server, host, and database. More details... |
|||
File Integrity Monitoring
Monitor and detect application file changes More details... |
Client-Side Password Access
- Web Client allows for user access outside the office and with any operating system.
- Easy to use and familiar interface used by millions.
- Only one Master Password is required to remembered by the user.
- Most features of KeePass are supported: continue to use your favorite plug-ins.
- Over 40 language translations available.
- Strong security, including automatic clipboard erase.
- Strong random password generator.
- Import / export from existing database.
- Searching and sorting.
- Auto-type, Global Auto-Type Hot Key and Drag & Drop.
- Time fields and entry attachments.
- View password history in web client.
- Mac Client for OSX users.
- Mobile access with Android, iOS and Windows Phone apps.
Time Saving
- Eliminate lost time on retrieval of forgotten passwords.
- Active Directory / LDAP function allows for quick user import through the “Auto Import Enabled” setting and auto account creation for users on first user login.
- Setting access levels for roles rather than individual users and then assign roles to users.
- Client Configuration allows configuration settings to be easily set and enforced.
- No extensive training required.
Cost Saving
- Reduce password retrieval or reset costs managed by a help desk by 40% or more.
- Improved productivity and downtime throughout the organization.
- Reduce administrative costs with much greater access and controls.
- Quick capabilities for new user setup or lapsed user disconnection.
- Sharing of Passwords across teams is quick and simple.
Policy Enforcement
- Establish Password policies that can be enforced.
- Ensure accountability of every access point to sensitive data with logging tool.
- Implement defined configurations that ensure policy adherence.
- Access Levels definition enables variable settings that can easily be assigned to Roles or Users.
Widely Accessible
- Web Client enables access through the internet (Any internet connected device can access Pleasant Password Server including smart phone, tablets, and home computers).
- Native Windows clients (Keepass and Password Safe).
- Native Android, iOS and Windows Phone apps.
- Native OSX client.
Well Supported
- Free Upgrades and Support for one year.
- Video tutorials explain key features and setup, so you’re up and running fast.
- Customized implementation and maintenance is available through local partners.
Compare To Competitor
We are very confident in our extensive feature set. Visit here to compare us to a specific other option. Alternatively, just browse the summary of features below.
Incredible Value
- Best price in the market, with only a one-time fee.
- No-risk, 90-Day Money-Back Guarantee.
Server's System Requirements
- Windows Vista/7/8/10 or Windows Server 2008/2012
- .NET 4.5+
- Detailed Requirements