DocumentationRelease Notes
Log In
Documentation

Password Safe

Suggest Edits

What is Password Safe?

BeyondTrust Password Safe (PS) is your Just-in-Time (JIT) privileged access management solution that ensures your resources are protected from insider threats.

Password Safe Cloud includes a web-based interface for executing password and remote session requests and approvals. You can launch the Password Safe web portal by selecting Password Safe from the left navigation menu in the BeyondInsight management console. The web portal is configured by your Password Safe administrator.

Password Safe Cloud's random password generator algorithm does not use any common phrases or dictionary words as inputs or in its generation. It selects each password character randomly from the list of allowable characters, numerals, and symbols to build the password.

A Password Safe user is authorized to log in to the Password Safe portal and perform specific tasks, as determined by the privileges assigned to that user.

How is it useful?

Password Safe enables you to have complete visibility and control of privileged credentials and secrets used by human and non-human users, in a single solution. With Password Safe, you can:

  • Secure privileged accounts, applications, SSH keys, cloud admin accounts, DevOps secrets, service accounts and more, with a searchable audit trail for compliance and forensics.
  • Scan, identify, and profile all assets for automated onboarding, ensuring no credentials are left unmanaged.
  • Monitor and record live sessions in real time and pause or terminate suspicious sessions.
  • Use Secrets Safe to empower your teams with the confidence to securely develop and deploy cloud solutions.
  • Leverage Workforce Passwords to bring enterprise-level visibility, security, audit support, and ease of use to business application password management.

How do I access Password Safe?

Your Password Safe administrator configures login credentials for the web portal. Contact your administrator if you are unsure which credentials to use. Potential authentication methods include:

  • Password Safe: Enter your Password Safe credentials and then click Login.
  • Active Directory: Enter your Active Directory credentials, select a domain from the list, and then click Login.
  • LDAP: Enter your LDAP credentials, select an LDAP server from the list, and then click Login.
  • RADIUS: Enter your Password Safe credentials and then click Login. Enter RADIUS code and then click Submit.
  • Smart Card: Select a certificate and then enter the smart card PIN.
  • SAML: Follow the procedure for your third-party authentication type.

ℹ️

Note

If presented with a pre-login banner, you must click OK before you can enter your credentials.

Select a display language

The Password Safe web portal can be displayed in the following languages:

  • English
  • French
  • German
  • Japanese
  • Korean
  • Portuguese
  • Spanish

If your BeyondInsight administrator has the option enabled, you can select a language from the list on the Log In page or by clicking the Profile and preferences button, and then selecting it from the Language list.

ℹ️

Note

If no languages are available, contact your BeyondInsight administrator.

Updated 5 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.