FAQ: JumpCloud Password Manager

General Questions

What is JumpCloud (JC) Password Manager?

JC Password Manager is a password manager and 2FA authenticator that enables you to securely store and manage passwords and sensitive information such as credit cards, government IDs, and secure notes. JC Password Manager does not store data in the cloud. Your credentials are stored locally and synced in an end-to-end encrypted format through JumpCloud servers.

Where does JC Password Manager store passwords?

JumpCloud Password Manager relies on a decentralized architecture that is a hybrid between a cloud-based password manager and an offline password manager. This approach minimizes security risk by keeping credentials stored locally on user devices and by syncing vaults between devices through JumpCloud servers with end-to-end encryption. By eliminating the need for users to create, manage, and remember master passwords, JumpCloud Password Manager secures against targeted attacks that aim to steal master passwords to access user credentials stored in traditional cloud-based password managers.

How is my data backed up?

Your data is stored locally and the JumpCloud Password Manager apps regularly create encrypted backups on your machine. These backups are only accessible by you, and it is recommended that you keep these backup files in a place alongside other important files (network, cloud, or external storage). The backup schedule and file path can be updated in the settings of the JumpCloud Password Manager app.

Note:

If you have lost access to your primary device, simply sign up for JumpCloud Password Manager on another device and restore your data from this backup file. If this backup file is not available, you can also restore data from a .csv file.

What is the advantage of using JC Password Manager over other password managers?

JC Password Manager has many advantages over existing password managers; the biggest is the way your data is stored and synced across devices. Also:  

  • Security risk is minimized by the hybrid cloud-based and offline approach
  • No master password to remember
  • JC Password Manager can store and auto-fill 2FA tokens
How can I migrate from my existing password manager to the JC Password Manager?

Migrating from your previous password management solution is as simple as exporting your data and importing into the JC Password Manager via the browser extension. 

Can users install the password manager on more than one device?

Yes, users can use the JumpCloud Password Manager on more than one device at the same time. 

Can JC Password Manager log me into apps and websites on my phone?

On iOS and Android, the  JC Password Manager can be set as the default source for autofill actions. This can be done in the settings app of your phone.

Is the JumpCloud Password Manager browser extension available on all browsers?

The password manager is available on all popular browsers including Chrome, Edge, and Firefox.

Are there considerations for using Password Manager with Linux?

Auto-update does not work on Linux unless you are using a Debian build. If you are using Appimage, when a new version of Password Manager is available, you will need to download the new version manually, then delete the old version. Because of this, and because it is more stable, we recommend using a Debian build.

Additionally, biometrics do not work on Password Manager with Linux.

What if my passwords aren’t syncing properly?

A sync issue should be extremely rare if you follow these best practices:

  • Be sure that all the Password Manager apps are on the latest version, and that everyone you are sharing folders with also has their apps on the latest version.
  • Make sure no one is experiencing connectivity issues.
  • Once these steps have been taken, you can re-add items/users in question and it may be helpful to trigger a manual sync (found in app Settings).

Sharing Credentials

Can I share passwords with other users?

Yes, passwords can be shared with other users by creating a shared folder.

Can I share access to my credit cards using JC Password Manager?

Yes, you can share your credit card data with any JC Password Manager user by clicking on the card in the JC Password Manager app and by selecting your contact from the sharing tab.

Note:

The CVV will not display in the app but will still auto-fill when used by JC Password manager.

Can I share 2FA secrets with other users?

2FA secrets can be shared with other users by creating a shared folder.

Two-Factor Authentication (2FA)

What is Two-Factor Authentication (2FA)?

Two-Factor authentication is an added layer of security that can be put into place to protect your online accounts. When 2FA is added to an account, a user is required to know their username, password, and provide an additional form of authentication or approval to complete their login. This additional factor helps protect against compromised or weak credentials and even various phishing attacks. The two basic types of 2FA are push-based and TOTP (Time-Based One-Time Password). JC Password Manager supports TOTP.

The JumpCloud Password Manager allows you to save and assign TOTP codes to your login items. After scanning the code for 2FA setup, a constantly changing 6-digit code will be associated with your login item in the JC Password manager. With 2FA setup, JC Password Manager allows you to autofill usernames, passwords, and 2FA codes. You are also able to share passwords with 2FA enabled with the rest of your team.

What is the overlap with the JumpCloud Protect™ App? Should we use both?

Both apps have authenticator features. The Password Manager currently only supports TOTP-based 2FA; end users should continue to use JumpCloud Protect for push-based MFA.

Can I unlock the PWM with MFA keys?

Since the JumpCloud Password Manager and its vault live locally on your device, any additional authentication factors on your device inherently protect your Password Manager. For instance, if you enforce MFA on a JumpCloud managed device, your users will need to provide an additional factor to log into their device, further protecting the local installation of your password 

Auto-Fill

Can JC Password Manager auto-fill my credit card information into websites?

Yes, JC Password Manager can autofill all the credit card information in your browser via the JC Password Manager browser extension the same way that it auto-fills your usernames and passwords. When you see a credit card form with the JC Password Manager icon, click on it and select the credit card that you would like to auto-fill. This will send a login request to your phone and as soon as you approve it, JC Password Manager will auto-fill the data. 

Can JC PWM auto-full 2FA codes in the browser?

The Jump Cloud Password Manager allows you to save and assign TOTP codes to your login items. After scanning the code for 2FA setup, a constantly changing 6 digit code will be associated with your login item in the JC Password manager and will auto-fill.      

Privacy and Security

What information does JC Password Manager store?

JC Password Manager locally stores passwords, cards, notes, government IDs, and any custom category that you create. 

  • Your browsing data is not recorded.                            
  • Your keystrokes and mouse movements are not logged.                              
  • We store an encrypted version of the phone number you signed up with in order to allow you to restore your data to a new device, to be able to send you notifications and to enable credential sharing between users.    
Where does JC Password Manager store the password vault?

JC Password Manager stores your password vault locally across devices with JC Password Manager. Your vault is synced in an end-to-end encrypted manner across different JC Password Manager applications. Our relay servers are used to sync your encrypted vault between different devices. 

How does JC Password Manager secure data in motion?

End-to-end encryption between devices that you have enrolled:                                       

  • All traffic is over HTTPS. RSA2048 is used to encrypt an AES-256 key that is used to encrypt relayed data. Any message emitted is also digitally signed.
  • The Key exchange happens by scanning a QR code.     
How does Password Manager secure data at rest?

Shared Passwords are encrypted with a computer generated AES-256 key which is encrypted using RSA-2048 and stored in the secure storage service of the device (Apple Keychain or Windows credentials manager etc.).                            

Can an admin see the passwords that my users have stored in the password manager?

No, by default admins do not have access to view or modify user-created passwords.

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case