Password Managerby Odoo Tools
Nowadays team work assumes a shared access to multiple IT services. Such collaboration is not simple, since definite users should know some passwords and not others. Besides, such passwords should be frequently updated, and team members should learn topical authentication parameters. Often this business process becomes a total mess and results in time losses and leak of important data. The situation is especially crucial in case you administrate customers-related services.
This is the tool to solve the trouble. The app let you organize the system of safe passwords keeping with multiple security layers to efficiently structure, find, and share password bundles.
The tool is compatible with both Odoo Enterprise and Odoo Community.
An access to a specific password is regulated on a bundle level. You may have as many bundles as you want. To share a bundle with a definite user, you should specify that user in the access levels' table. Alternatively you can assign a user group in the same table. For example, you can have a 'sales team' bundle and share it with all users with the right 'Sales Manager', or you can have a global bundle by sharing it with a user group 'Internal user'.
3 access levels to bundles, passwords, and tags are distinguished:
- Administrator may access, update or delete this bundle, its passwords, and its tags. This user is assumed to manage access levels for this bundle, to modify update policies, and set the extra password. The bundle creator is always its administrator.
- Full rights user may access, update or delete passwords and tags related to this bundle, but he/she can't change bundle itself and can't change bundle access levels or settings
- Readonly access user may observe and address passwords and tags of this bundle. Such users can modify any objects.
Take into account that the rules are not applied for the Odoo super user. The Odoo super admin (with id 1) has full rights for all passwords and bundles, although he is also required to enter the extra paraphrase to open a bundle.
The setting 'Responsible for password updates' allows to assign a user who should regularly change the paraphrase in passwords according to the bundle update policies. For such a user the special activity is automatically and regularly created to make sure passwords are secure. There might be only a single responsible for a bundle, and such responsible should have either the 'Administrator' or the 'Full rights' access level.
Although, there is no way to provide 100% security in the Internet, this password manager tries to minimize potential risks.
First of all, the tool symmetrically encrypt all passwords. It means that to decrypt a password, plotters should know the exact decryption algorithm and a bundle decryption key.
Second of all, you can assign the extra security password for any bundle. In such a case to access passwords in the interface, any user should enter a paraphrase. Even if a user has full rights for a bundle, he/she should always know that password. Besides, that paraphrase might be changed at any moment by the bundle admin (if that admin himself knows that paraphrase). Be cautious: do not forget the password. It is hashed and even the PostreSQL super user can't recover it.
Third of all, the security rights are programmed in such a way they can't be changed without the tool source code modification. Even the Odoo super user is not able to change policies.
To guarantee tool correct work you would need a number of Python libraries: zxcvbn, cryptography:
pip install zxcvbn cryptography
Installation TipsIn order the widget works correctly, re-start Odoo server. If you faced the error 'Qweb2: Template is not found': restart Odoo server > refresh the page (Ctrl+Shift+R)
OdooTools is the team of developers and business analysts to help you extend Odoo potential. We have been communicating with end users to whom the software became the main business tool since 2012. As a result, we are proud of dozens of successful Odoo apps developed. We are open for new ideas and challenges to create the best Odoo tools for business needs all over the world.
Odoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.