Webpass: password manager for companies

Webpass Doesn't Have Access To Your Passwords Our service is created in such a way that any sensitive data (passwords, notes) is transmitted to the servers and is stored in the local storage of the browser exclusively in encrypted form, and this way eliminates the possibility of interaction to data both from the Webpass server and from third parties. The key to the cipher is your master password, which is never kept open during working process. Be careful! Security of this method means that in case of loss of the main and reserved master password we will not be able to restore your data

Unauthorized Access Risk Notification The security system monitors the confidentiality of passwords and timely reports about cases when changing of password of the account is necessary (for example, when employee lost access to the account, was retired, etc.)

AES-256 and RSA Data Encryption Sensitive data are encrypted using AES-256 algorithm, which is adopted by governments of different countries as the encryption standard. The key for the algorithm is being extracted by converting the master password into a cryptographic 256-bit password. Data transfer between users is carried out using the RSA algorithm; its mathematical functions generate two keys for the system: public and private. The public key allows you to encrypt the transmitted data so that only someone who knows the private key can decrypt this data. The private key is known only by the recipient, and this is a key feature of the asymmetric encryption method. Similarly, user's data are protected by Telegram app.

Two-Factor Authentication You can provide an extra security for your Webpass account by two-factor authentication. An authorization key is being generated on the user’s smartphone by Google Authenticator app, and this key is valid during 30 seconds. Thus, even if you know the master password, the enter into the Webpass account without access to the smartphone will be impossible.

Setting Password Complexity Users like to use similar and too simple passwords. You can determine the minimum available password complexity and prohibit the use of the same password more than once.