Unlocking Password Management Potential in Jira with Vault Password Manager

The rising dependence of businesses on Jira for project management and collaboration has underscored the significance of protecting sensitive information. To address this issue, utilizing a password manager that seamlessly integrates with Jira offers a potential way forward.

The Vault Password Manager, an application specifically designed for Jira teams by Alpha Serve, an Atlassian Platinum Marketplace Partner, offers a reliable solution to manage passwords securely. Available on the Atlassian Marketplace, it enables Jira teams to securely store, manage, and share sensitive information, including passwords, within the Jira platform.

This article provides a comprehensive analysis of the Vault Password Manager and presents a detailed guide on how to use Vault Password Manager effectively. It also outlines how to manage passwords within Jira using the Vault, ensuring your credentials are handled safely and efficiently.

Here’s what we’ll cover in this blog post:

• Vault Password Manager: Overview
• Vault Password Manager for Jira: Features
• How to Set Up Vault Password Manager for Jira
• How to Recover Password to Vault Account
• Conclusion

Vault Password Manager: Overview

What is password manager app? A password manager is a tool that securely manages, stores, and retrieves passwords for numerous accounts, adding an extra level of protection against assaults involving passwords, including phishing, brute force attacks, and credential stuffing.

In this approach, Alpha Serve’s Vault Password Manager is an enterprise-grade tool that offers safe storage, administration, and sharing of all confidential information within Jira. The solution provides several features, such as encrypted storage, centralized administration, secure data exchange, and authorized quick access to Vaults directly from Jira. This makes it a suitable option for distributed and remote teams.

Vault Password Manager is a software solution designed to cater to the needs of teams and organizations of varying sizes. It benefits those who use Jira and must manage multiple accounts across multiple platforms. The product offers comprehensive safeguarding measures and sophisticated password protection to shield businesses against cyber threats. The app provides centralized administration, which allows Jira administrators to easily manage and control users’ access and permissions.

Vault Password Manager is a Forge app fully hosted by Atlassian. Forge apps run inside a second security layer that enforces tenancy isolation and data egress restriction by design.

Vault Password Manager for Jira: Features

Storing password vaults in a secure environment can help businesses mitigate the risk of unauthorized access to their sensitive data. Vault Password Manager is an indispensable app for organizations prioritizing data security and seeking to reduce the possibility of data breaches.

Through encryption, the Vault Password Manager app provides encrypted storage of confidential material, such as login credentials, credit card details, and other sensitive data. Implementing the use of Vault Password Manager can positively impact security measures and efficiency by simplifying the password management process.

The Vault Password Manager provides a range of critical features that include:

Unlimited Personal & Shared Vaults

Users can create unlimited Personal Vaults with individual access or Shared Vaults to share with Jira users or groups, offering a flexible approach to password management.

Extra Security Layers

Vault Password Manager offers advanced password security and manages access permissions based on Jira user roles, providing additional password storage protection and enhancing safety in addition to the basic Jira sign-in security.

Multiple Record Types

Users can create different types of records such as passwords, pin codes, notes, credit card details, FTP access, SSH keys, and more, providing a comprehensive solution to manage sensitive information.

Built-In Password Generator

Users can create secure, one-of-a-kind passwords that are challenging to decipher or guess with the help of the built-in password generator. Since weak or apparent passwords are one of the most frequent reasons for security breaches, it can significantly improve the security of your Jira setting.

Safe Data Exchange

The password manager app offers secure and reliable data exchange between Jira users, allowing them to share and access sensitive information without compromising security, reinforcing collaboration and productivity.

AES 256-bit Encryption

The app employs the Advanced Standard (AES) algorithm in Cipher Block Chaining (CBC) mode, which banks and the US military trust. Each user’s application password derives a 256-bit key for encrypting their data.

How to Set Up Vault Password Manager for Jira

Configuring and running Vault Password Manager for your Jira instance is a simple process. However, to fully complete the steps, you must have Jira Administrator permissions.

Step 1: Install Vault Password Manager

1. Log into the Jira cloud instance where you want to install Vault Password Manager. Go to Manage apps in the administration console.
2. Use the Find apps feature to search for Vault Password Manager.
3. From the search results, select Vault Password Manager.
4. Click on Try it free for a 30-day trial license, and follow the prompts to start the free trial. You’ll receive notifications about the plugin installation process and its successful completion.
5. You can also install the app directly from Atlassian Marketplace by visiting Vault Password Manager product page.

Step 2: Create Vault Account

1. To access Vault Password Manager, go to the Jira main navigation menu and click Apps, followed by Vault Password Manager.
2. After accessing the app from the main navigation menu, you’ll be prompted to accept authorization for the app to access your Atlassian account. Click the Accept button to grant the necessary permissions and create your account.
3. Once you have authorized Vault Password Manager to access your Atlassian account, you will be taken to the Welcome page, where you can create your account password. This password is an extra security layer for your Jira account and is used to unlock the app and decrypt your stored items. Click the Next button to proceed with the password creation process.
4. It’s essential to create a solid and unique password that you will remember to ensure the security of your stored data. The app requires a password that is at least 8 characters long and asks you to confirm it before proceeding. Confirm your password and click the Next button to proceed. Once you have created your password, Vault Password Manager cannot access it.

Step 3: Download Recovery Key

The Recovery Key is a randomly generated 44-character code that provides an alternative way to access your account if you forget your password. Although not mandatory, using a Recovery Key adds an extra layer of security to your Vault Password Manager account. To obtain your Recovery Key, click the DOWNLOAD button to save the auto-generated PDF file.

We highly recommend printing it out and storing your Recovery Key securely!

Step 4: Sign In to Vault Account

To log in to your Vault account, you must sign in with your password. To access Vault Password Manager, go to the Jira main navigation menu and select Apps, then choose Vault Password Manager from the list of available apps. Enter your password and click the SIGN IN button.

If you are trying to log in to your Vault Password Manager account from a new device, you must provide a Recovery Key. Consider that the Recovery Key serves as a crucial backup for accessing one’s account in the case of a forgotten password or loss of access to the primary device. Keeping it safe and secure hence becomes essential.

After signing in, you will be directed to the Vaults Dashboard page, which displays all of your Vaults.

Three types of Vaults are available:

1. Private Vaults are meant solely for personal use. They are strictly inaccessible to others.
2. Organization Shared Vaults available to all members within an organization. Visibility is universal, and the ability to edit or share depends on the given editing rights.
3. Created Vaults with special edit rights assigned on an individual basis. This ensures total authority over the accessibility, editability, and shareability of the vault.

By clicking on the responsive icon, you can modify the display of the dashboard overview.

Step 5: Create and Share Vaults

1. Create New Vault

To create a new Vault in Vault Password Manager, go to the Vault Dashboard and click on the + Create New Vault button at the page’s top right corner. Enter the new Vault’s name and description, then click Create Vault to complete the process.

The Vaults in Vault Password Manager have 3 levels of permissions that can be assigned to users:

• View: users can only view items in the Vault.
• View & Edit: users can create, edit, delete, and export items in the Vault.
• Full: users can perform all the above actions and share Vault with other users or user groups.

By default, the user who creates the Vault has Full permissions.

2. Share Vault

The sharing options for Vaults are designed for flexibility. You can selectively share them with individual Jira users, distribute them to Jira Groups, or utilize a combination of both for a more tailored approach to sharing.

To share your Vault with Jira user/users:

Click the Share to People button on the Vault details page. Use the search bar to find the users you want to add. You can search by name or email address. Click Share next to the users to add them to your Vault.

By default, newly added users are granted ‘Allow View’ permissions. If you wish to modify these permissions, click on the Adjustment icon next to the user’s name and select the desired permission level: ‘Allow View’, ‘Allow Editing’, or ‘Allow Managing’.

To finalize the process of sharing your Vault with the selected Jira user, click the Share (Vault name) button. Remember, there is no limit to the number of users you can add to your Vault.

To share a Vault with Jira Groups:

Click Share to Group to share the Vault with Jira Groups. Use the search bar to find the Group you want to share the Vault with and click Share next to it.

Review the added Group(s) and set permissions for each Group by choosing one of the available options: Allow View, Allow Editing, or Allow Managing. Then click on the Close icon. Click the Share (Vault name) button to confirm Vault sharing to all selected Groups.

3. Edit Vault

Navigate to the Vault Dashboard. Click on the Gear icon located on the Vault you wish to edit. It will redirect you to the Vault details page. Click the Edit details button. From here, you can update the name, icon, and description of the Vault or change your sharing settings. Once you have made the desired changes, click the UPDATE VAULT button to save the changes.

Step 6: Create and Edit Items

Once you’ve set up your Vault and granted access to the necessary Jira users and Jira Groups, you can begin storing any sensitive information securely. The types of data you might include are shared account’s credentials, credit card details, database credentials, API keys, and more.

1. Create New Item

Open the Vault and click on the + New Item button. Afterward, you can choose the type of item you want to add to the Vault.

The supported credential types with predefined fields in Vault Password Manager include Login, Password, Secure Note, Credit Card, Bank Account, API Credentials, Software License, Email Account, Database, SSH Key, and Wireless Router.

Additionally, Vault Password Manager offers a built-in password generator.

Each credential type has its own set of predefined fields. Ensure to fill out all necessary fields before clicking the Save button.

Feel free to continue adding as many items to your Vault as necessary, following the same process.

2. Edit Items

Select an existing item from the list and click the Edit button to change it. Apply necessary edits and click on the Save button to confirm changes. If you do not want to make any changes, click the Cancel button. To delete an item, click the three-dots icon and select Delete record.

That’s all!

By following these guidelines, you can take control of your passwords in Jira security and keep your sensitive information safe. Utilize Personal Vaults for storing individual credentials and personal data. Team Vaults are perfect for managing shared account credentials and other relevant team data.

Lastly, the Organization Vault provides an ideal platform for sharing necessary data or credentials across the entire organization. By harnessing Vault Password Manager, you can ensure a seamless and secure password management experience like never before, all within your Jira account.

How to Recover Password to Vault Account

Recovering a password for the Vault account involves two options: Self Recovery and Admin Recovery. Both options are simple and can be easily executed.

Steps to follow for Self Recovery:

Self-recovery is a process available to users with a Recovery Key only. In the event that you do not have a Recovery Key, you’ll need to proceed with the Admin Recovery method.

To start the self-recovery process, click “Self Recovery” from the available options. You will be suggested to enter the Recovery Key you previously downloaded. After that, you must click the “RECOVER MY ACCOUNT” button.

If the Recovery Key is accurate, the system will direct you to the page where you can set a new password. To create a new password, you will be asked to create a new password that is memorable to you. Ensure that it matches the initial password you entered. Finally, click the “Next” button to complete the process.

Upon successfully confirming the new password, you can obtain your new Recovery Key by selecting the “DOWNLOAD” button. Use a new Recovery Key for all future account access and to dispose of the previous one.

Steps to follow for Admin Password Recovery:

Users with the Jira Administrator role are the only ones who can Accept or Cancel Password Recovery Requests.

​​Select the “REQUEST ADMIN RECOVERY” option. You will be led to a page where you must provide further details regarding your request. In this step, the “REQUEST ADMINS FOR RECOVERY” button needs to be clicked.

The approval of your requests is subject to the discretion of Jira Admins. Jira Admins will refer to the instructions for accepting or canceling password recovery requests.

After receiving approval for your request, you can complete the password recovery process. To reset your password for your Vault account, please click on the “COMPLETE RECOVERY” button.

Firstly, you will be asked to create a new password that will be remembered. Afterward, you must re-enter this password to confirm that it matches the initial password you entered. Finally, click the “Next” button to complete the process.

Now you can download your new Recovery Key by clicking the “DOWNLOAD” button to use for future account access and discard the previous one.

Conclusion

The security and efficiency of your data can be significantly strengthened by using Vault Password Manager. Vault Password Manager offers features that can assist in maintaining the security and organization of confidential information, regardless of the size of the team or organization.

Implementing robust passwords, utilizing two-factor authentication, and adhering to other suggested security protocols can help you proactively safeguard against potential security risks and reap the advantages of secure password management.