DocumentationRelease Notes
Log In
Documentation

Password Safe On-Premises Home Page

Suggest Edits

  1. Sidebar: Easy access to all pages in BeyondInsight.
  2. Header: Navigate to your favorite pages, view your notifications, access your connected apps, and set your account preferences.
  3. Tabs: Depending upon the permissions assigned to your user account, the Password Safe portal displays the following tabs:
    • Accounts
    • Requests
    • Approvals
    • Sessions
    • Admin Session
  4. Category: Select to view category-specific information.
  5. Filter dropdowns: Select an item in the filter dropdowns to further filter information.
  6. Password Safe grids: Displays information based on tab, category, and filter selections.

Set grid display preferences

You can set display preferences on Password Safe grids, using the following options represented by icons above the grid:

  • Columns Chooser: Select the columns to change the column headings and information displayed in the grid.
  • Grid Configuration: Choose the grid layout: Compact, Default, or Expanded.
  • Expand Grid: Enlarge the display area. When selected, the icon changes to Collapse Grid. Click it to collapse the grid back to its original display.

An option to change the number of displayed Items per page is located below the grid. The changes appear dynamically as they are selected.

Password Safe Tabs

Accounts tab

The Accounts tab lists the managed accounts for which you have permissions to request access to retrieve passwords and start sessions. From this grid, you can initiate an access request for the listed accounts. From the Accounts tab, populate the list of managed accounts in the grid using any one of the following options:

  • Click the Browse by Category buttons: Favorites, Recently Used, Local Accounts, Domain Linked Accounts, and Applications, to filter the list by category.
  • Select filter criteria from the Filter by dropdown to filter by selected account properties.
  • Search for accounts using the Quick Filter option.
  • Click Load All Accounts to load all accounts in the organization.

ℹ️

Note

The Status column from the Local Accounts and Domain Linked Accounts grids was removed in Password Safe version 23.1. This column, now called Account Status, has been re-added in Password Safe version 23.3.

ℹ️

Note

For optimum efficiency, the web portal screen resolution should be no less than 1280 × 800 pixels.

ℹ️

Note

When you first log in to the Password Safe web portal, no accounts are available in the Favorites tab. Click the star next to the account to add it to the Favorites tab. Click Refresh above the grid to update the listed accounts.

Requests tab

The Requests tab displays for users who have been assigned the Requestors role for any managed systems in Password Safe. It lists all requests that you have made. You can filter by approved and pending requests and view the request details by clicking the vertical ellipsis for the request, and selecting View Request Details. You can also check-in a request by clicking on the vertical ellipsis for the request, and selecting Check-in Request.

Approvals tab

The Approvals tab displays for users who have been assigned the Approver role for any managed systems in Password Safe and for Password Safe administrators. Approvers can view all requests for managed systems for which they have been assigned the Approver role. Password Safe administrators can view all requests for all managed systems. You can filter the requests by approved and pending requests, view request details, and approve or deny requests.

To view details of the request, click the vertical ellipsis for the request, and then click View Request Details.

To approve or deny a request from the Approvals grid, click the vertical ellipsis for the request, and then click Approve Request or Deny Request.

Sessions tab

The Sessions tab is displayed for users who have been assigned one or both of the two session reviewer roles for any managed systems: Recorded session reviewer and Active session reviewer. Depending on the roles assigned to your user account, you can view active or completed sessions using the buttons above the grid. By default sessions for all protocols are displayed. You can filter the list of sessions to display only RDP or only SSH sessions using the Protocol dropdown.

To view details of a completed session or to view the session, click the vertical ellipsis for the session, and then select View Details or View Session as required.

To view, lock, or terminate an active session, click the vertical ellipsis for the session, and then click View Session, Lock Session, or Terminate Session as required.

ℹ️

Note

Admin sessions are listed in the grid only for users who have read permissions to the Password Safe Admin Session Reviewer feature, as assigned by your Password Safe administrator.

Admin Session tab

The Admin Sessions tab is displayed only for users who have full control permissions to the Password Safe Admin Session feature and for Password Safe administrators. Admin sessions allow you to open ad hoc RDP and SSH sessions without going through the request process and allow you to select a node associated with another region to act as a proxy for the session. This is useful in larger environments when assets you need to access are not in your region. From Admin Session tab, you can start a session immediately by completing the form and clicking Connect.

Change and Reset Login Passwords

Users can maintain the security and control of their account and protect it against unauthorized access. If you are logging in with a BeyondInsight local user account, you can change your password from the Account Settings page.

You cannot update your password if you are logging in with Active Directory, LDAP, or Entra ID credentials, or if your account is locked out.

  1. In the top-right corner of the console, click the Profile and preferences icon.
  2. Click Account Settings.

Change your password

  1. From the My Account panel, select Change Password.
  2. Enter your current password.
  3. Enter your new password and confirm it.
  4. Click Change Password.

Reset your password

If you forget your console password, you can reset it when logging in:

  1. Click the Forgot Password link.
  2. Enter your username, and then click Reset Password. An email containing a reset link is sent to the address associated with your username.
  3. Click the link in the email to be taken to the Enter New Password page, where you can change your password.

ℹ️

Note

Resetting the console password is not available to users logging in with Active Directory, LDAP, or Entra ID credentials.

Reconfigure two-factor authenticator

Users can maintain the security and control of their account and protect it against unauthorized access. If you are logging in with a BeyondInsight local user account that has two-factor authentication enabled and registered with a device, you can update the authenticator app from the Account Settings page.

You cannot update the authenticator if you are logging in with Active Directory, LDAP, or Entra ID credentials, or if your account is locked out.

  1. In the top-right corner of the console, click the Profile and preferences icon.

  2. Click Account Settings.

  3. From the My Account panel, select Two-Factor Authentication.

  4. Click Replace Authenticator App.

  5. Click Reconfigure Authenticator App to register a new authenticator app.

Register Passwordless Authenticators

Users can maintain the security and control of their account and protect it against unauthorized access. If you are logging in with a BeyondInsight local user account, and if passwordless authentication is enabled for your BeyondInsight instance, you can register FIDO2-certified authenticators from the Account Settings page.

ℹ️

Note

Passwordless authentication is available only for local BeyondInsight users. Support for Active Directory, LDAP, and Entra ID directory users is planned for a future release.

  1. In the top-right corner of the console, click the Profile and preferences icon.

  2. Click Account Settings.

  3. From the My Account panel, click Passwordless Authentication.

  4. Click + Register FIDO2 Authenticator.

  5. Select the type of authenticator you wish to register: Roaming or Platform.

  6. Enter a unique name for your authenticator.

  7. Enter your BeyondInsight account password.

  8. Click Continue and follow your browser's instructions.

Manage your FIDO2 authenticators

  1. From the Passwordless Authenticators panel, click the vertical ellipsis for a listed authenticator.
  2. Select Edit to update the name for the authenticator.
  3. Select Delete to remove the authenticator.

Updated 5 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.