JumpCloud Password Manager for Admins

JumpCloud offers a full feature password manager that is integrated into the JumpCloud product and all of our single sign-on applications. Admins and users will have a seamless authentication experience without relying on a third-party solution.

After User Groups are enrolled in Password Manager, admins can manage identity, access, and devices from within the admin console.

Overview Page

The Password Manager Overview page shows basic information about Pending Invites, Shared Folders, Enrolled Groups, Password Health, Devices, App Versions, and Logs.

• Selecting the View All button in Pending Invites, Enrolled Groups, or Shared Folders brings up a modal with details.
• Password Health information shows the admin an overall password health score along with the number of old and reused passwords in the organization.
  • Weak passwords are determined by if the password uses common words, names, or keyboard patterns, or if it is not long enough and doesn’t contain a mixture of character types.
  • Old passwords are anything older than 90 days.
  • Reused passwords are any that are the same or similar to other passwords for that user. 
• Knowing Device and App versions can be an important troubleshooting tool, especially to make sure that users are on the most recent version of the Password Manager application.
• The Logs section shows user events within Password Manager.
  • Selecting the Activity Log link opens Directory Insights, with the Service dropdown pre-filtered to Password Manager and Time Range defaulted to Last 15 days.

Users

The Password Manager Users page shows a list of enrolled users, with email, group, service status, and password health.

• Clicking on the extra options menu at the end of each User’s line gives you the option to Revoke Access or send the Invitation Email to Password Manager.
• Clicking the name of a user opens a details page for that user.
  

• ​​​​​​​You can see the details of the user along with password health information and vault information. The selections on the right help navigate to different areas of the page.
• The Logs section shows activities for this particular user. Selecting the Activity Log link opens Directory Insights, with the Service dropdown pre-filtered to Password Manager, the User pre-selected, and Time Range defaulted to Last 15 days.

Shared Folders

Password Manager Shared Folders gives you seamless item sharing and management across your organization. The Shared Folders tab shows a list of shared folders within your enrolled user groups, along with password health. You can also access Shared Folder Settings from this tab.

• The Settings tab gives you the option to set which users and groups can create shared folders. It is set to All users can create shared folders by default. If you choose Specify which users and groups can create shared folders, you have the option to search and select.
  

• Clicking the name of the Shared Folder opens a details page for that folder.
  

• You can see the details of the folder along with password health information. The selections on the right help navigate to different areas of the page.
• From the Users with Access area you can revoke access to the folder, or change access level.
  • Folder Manager – has full control over the folder and can make changes to the users and items in the folder.
  • Item Manager – has control over the items in the folder (view, add, edit, and delete).
  • Folder Member – can only use the items in the folder.
• ​​​​​​​The Logs section shows activities for this particular folder. Selecting the Activity Log link opens Directory Insights, with the Service dropdown pre-filtered to Password Manager, the shared folder pre-selected, and Time Range defaulted to Last 15 days.

Directory Insights

Admins can use the Directory Insights tool to monitor user events within Password Manager.

• Go to INSIGHTS > Directory, and select Password Manager in the Service dropdown menu.

Location of Logs and Backup Files

• Password Manager Logs
  • Mac: ~/Library/Application Support/JumpCloud Password Manager/data/daemon/log
  • Windows: %appdata%\JumpCloud Password Manager\data\daemon\log\
  • Linux: ~/.config/JumpCloud Password Manager/data/daemon/log/
• Backup Files
  • Mac: ~/Library/Application Support/JumpCloud Password Manager/data/daemon/backup/<directory with 36-digit unique id>
  • Windows: %appdata%\JumpCloud Password Manager\data\daemon\backup\<directory with 36-digit unique id>
  • Linux: ~/.config/JumpCloud Password Manager/data/daemon/backup/<directory with 36-digit unique id>

Deactivate Password Manager

This section shows you how to deactivate JumpCloud Password Manager for your organization.
By doing this, you can deactivate JumpCloud Password Manager for all users and their devices in your organization. This action permanently erases all the stored passwords and sensitive information within the app.

To deactivate Password Manager for your organization, follow these steps:

1. Log in to the JumpCloud Admin Portal.
2. Go to USER AUTHENTICATION > Password Manager.
   
3. Click the Users tab in the top menu.
4. Click the green Edit Group Enrollment button.
5. Remove user groups by following these steps.
   Now the user groups that were bound to Password Manager are deactivated.
6. Click Settings in the top menu.
7. Under Deactivate Password Manager, click Deactivate.
   
8. Confirm the Deactivation and now the Password Manager is deactivated successfully.