Releases

In the new version, we have introduced the capability to create custom vault types with automatically assigned administrators, refined the inheritance of group-based access rights and handling of TOTP code parameters, as well as made numerous fixes and improvements.

Vault types

In Passwork 7.1, you can create custom vault types with flexible settings tailored to your organization’s needs:

• Each vault type allows you to assign dedicated administrators, set restrictions on vault creation and define a creator's access level
• When you create a vault or change it's type, select corporate administrators automatically gain access to it. Other administrators won't be able to lower their access level or remove them altogether
• Now you can set up different vault types for various departments or projects, assign relevant administrators, and configure permissions for specific tasks

Viewing all system vaults

We've added an ability to view all vaults created within the organization, including the private ones. The list displays only the names of the vaults as well as users and groups that have access to them, while the vault contents are still available strictly to users with direct access. This opens up extensive opportunities for system-wide data storage audits. Access to the vault list is determined by role settings.

Improvements

• Improved the logic of inheriting access from multiple groups: now if a user belongs to groups with both "Full access" and "Forbidden" rights to a specific directory, the 'Forbidden' access level will be applied
• Added "Access level required to leave vaults" and "Access level required to copy folders and passwords" settings
• Added the option to show a custom banner to unauthenticated users: when the "Show to unauthenticated users" option is enabled, the banner will be visible on the sign-in, sign-up, master password and password reset pages
• Added processing of digits and period parameters during TOTP code generation
• Added clickable links to vaults, folders, passwords, roles, groups, and users in notifications
• Added transfer of user session history when migrating from Passwork 6

Bug fixes

• Fixed an issue where the 2FA setup page did not appear when logging into Passwork after enabling "Mandatory 2FA" in role settings
• Fixed incorrect counting of failed login attempts with active "Limit on failed login attempts within a specified time frame" setting
• Fixed an issue where mobile app and browser extension sessions were not reset after disabling "Enable mobile apps" and "Enable browser extensions" in role settings
• Fixed an issue where Activity log filtered by a particular vault showed events from folders inside the vault: now, only events at the selected nesting level are displayed
• Fixed an issue where a search by color tag did not work for some passwords
• Fixed an issue where user data could be updated on LDAP login despite disabled "Allow user modification during LDAP synchronization" setting
• Fixed an issue in the export window where unchecking all folders inside a vault also unchecked the vault itself
• Fixed incorrect behavior of the "Automatically log out after inactivity" setting
• Fixed incorrect display of notes
• Fixed incorrect redirect to the password's or shortcut's initial directory after editing these items in Favorites
• Fixed an issue where the item deletion date in the Bin was reset during migration from Passwork 6

You can find all information about Passwork updates in our technical documentation.

The 2025 small business cybersecurity checklist: A complete guide | Passwork

Passwork’s 2025 cybersecurity checklist, based on the NIST framework, provides actionable steps to prevent data breaches and financial loss.

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Python connector 0.1.5: Automated secrets management

The new Python connector version 0.1.5 expands CLI utility capabilities. We’ve added commands that solve critical tasks for DevOps engineers and developers — secure retrieval and updating of secrets in automated pipelines. What this solves Hardcoded secrets, API keys, tokens, and database credentials create security vulnerabilities and operational bottlenecks.

Passwork BlogEirik Salmi

Passwork 7.0.10 update is available in the Customer portal.

• Improved handling of additional parameters in Acivity log when migrating from Passwork 6
• Fixed incorrect vault data export when access to its nested folder is restricted
• Fixed an issue where access confirmation requests to a vault failed to be sent under certain scenarios
• Improved data import performance

Passwork 7.1 release

In the new version, we have introduced the capability to create custom vault types with automatically assigned administrators, refined the inheritance of group-based access rights and handling of TOTP code parameters, as well as made numerous fixes and improvements. Vault types In Passwork 7.1, you can create custom vault

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Passwork 7.1: Vault types

Vault types Passwork 7.1 introduces a robust vault types architecture, providing enterprise-grade access control for enhanced security and management. Vault types address a key challenge for administrators: controlling data access and delegating vault management across large organizations. Previously, the choice was limited to two types. Now, you can create

Passwork BlogEirik Salmi

In the new version we’ve enhanced filtering capabilities in Security dashboard and User management, optimized performance with large data volumes, and introduced several interface and localization improvements.

Improvements

• Added the option to filter passwords by username and login in Security dashboard
• Added the option to open a new tab when navigating to a password or folder from Security dashboard
• Added the option to select multiple roles when filtering users in User management
• Added a progress bar for actions performed in User management
• Added support for handling the data export restriction parameter in the web interface
• Optimized performance when processing large amounts of data

Bug fixes

• Fixed duplication of events in Activity log when viewing recent, favorite, and inbox passwords
• Fixed duplication of the Save and Cancel buttons in System and SSO settings under certain scenarios
• Fixed pagination issues when viewing password cards in a directory with many items
• Fixed an issue where users with viewing rights in User management could not access some user pages
• Fixed an issue where the Create shortcut, Create link, and Send buttons were displayed in the additional access window even though users had no permission for these actions
• Fixed an issue where the Manage roles option in role settings remained unavailable in certain scenarios
• Fixed an issue allowing the Read and edit access to be set for a shared password through the additional access window, even though sharing passwords with that access level was restricted
• Fixed an issue preventing the creation of a nested folder with the same name as its parent folder
• Fixed an issue where outdated settings could be used when starting background tasks
• Fixed an issue with data decryption when configuring SMTP with anonymous authentication
• Fixed an issue that occurred when connecting a user to a vault via a group in User management (relevant for the version without client-side encryption)
• Fixed incorrect navigation to the target directory when copying a folder via the context menu
• Fixed incorrect redirect to the Recents page when selecting Mailer config for the email service in System settings
• Fixed an error in the validation of passwords with the underscore special character
• Fixed a migration issue from Passwork 6 with invalid IDs

Passwork 7.1 release

In the new version, we have introduced the capability to create custom vault types with automatically assigned administrators, refined the inheritance of group-based access rights and handling of TOTP code parameters, as well as made numerous fixes and improvements. Vault types In Passwork 7.1, you can create custom vault

Passwork BlogEirik Salmi

Passwork 7.1: Vault types

Vault types Passwork 7.1 introduces a robust vault types architecture, providing enterprise-grade access control for enhanced security and management. Vault types address a key challenge for administrators: controlling data access and delegating vault management across large organizations. Previously, the choice was limited to two types. Now, you can create

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

In the new version, we've introduced an option to share passwords with groups of users, implemented support for the OTPAuth encryption algorithm for generating TOTP codes, added internal link support between the 6th and 7th versions of Passwork, and resolved various UI and localization issues.

Group password sharing (only in the version without client-side encryption)

Now you can send passwords to a group of users — a new Groups field has been added to the password-sharing modal window. Password access updates automatically:

• When new users are added to a group, they will immediately see the password in their Inbox
• When users are removed from a group, the password will disappear from their Inbox
• If the same password is shared with a user both directly and through a group, the access level set directly will take precedence

Improvements

• Added support for links to vaults, folders, passwords, shortcuts, and other entities between the 6th and 7th versions of Passwork
• Added support for the OTPAuth encryption algorithm for generating TOTP codes
• Added a Forbidden by role tooltip for settings unavailable to users due to role limitations
• Added detailed logging of SSO settings changes
• Added an option to view the action history for shortcuts linked to deleted passwords
• Added the option to navigate to a shortcut's directory from additional access modal windows, provided users has access to the specified directories
• Added an empty state for the data export modal window
• Disabled checkboxes for directories in User management if the user has Full access or lower permissions for them
• Updated the appearance of deleted shortcut card

Bug fixes

• Fixed an issue where the master password reset button in the Authorization and 2FA modal window did not work correctly when local password authorization was disabled
• Fixed an issue where users could see the Assign as owner button when changing another user's role, but attempting to assign ownership resulted in an Access denied message
• Fixed an issue where opening a password caused the current directory selection to disappear in the navigation panel
• Fixed an issue where the 2FA connected event was logged in Activity log before the 2FA connection was confirmed
• Fixed an issue where not all groups and roles were displayed in filters
• Fixed an Access denied error when attempting to navigate from a shortcut to the initial password in a vault with Read and edit access level
• Fixed an error that occurred when opening the password context menu if the TOTP field contained an OTPAuth URI
• Fixed an issue where deleting a password via API or by another user did not trigger a redirect to the Recents page in the web version
• Fixed an issue where enabling/disabling the Automatically clear background task history setting caused the task to appear in the scheduler only after refreshing the page
• Fixed an issue where a folder continued to display in its original directory after being moved until the expanded directories in the navigation panel were collapsed/expanded
• Fixed an issue where creating a new vault caused expanded directories in the navigation panel to collapse
• Fixed an issue where not all users were displayed in the user addition window for a vault
• Fixed an issue where the cancel button did not clear the DN for finding groups in AD/LDAP field when adding an LDAP server
• Fixed an issue where the system notification about resetting the authorization password did not automatically disappear
• Fixed an issue with resetting selected roles, groups, and invitations in user management when the search query was empty
• Fixed an issue where the group filter was reset after clearing the role filter
• Fixed an issue where nested elements in the navigation panel collapsed after creating a new vault
• Fixed an issue with incorrect display of some icons on the vault access request tab
• Fixed incorrect font in directory names

Passwork 7 release

In Passwork 7, we improved everything: completely rewrote the code using the latest technologies, implemented a full-fledged API, updated the interface, redesigned groups and roles, abandoned the automatic addition of system administrators to vaults, and made access rights management even more flexible. This will significantly enhance the convenience of administration

Passwork BlogEirik Salmi

Passwork 7.1 release

In the new version, we have introduced the capability to create custom vault types with automatically assigned administrators, refined the inheritance of group-based access rights and handling of TOTP code parameters, as well as made numerous fixes and improvements. Vault types In Passwork 7.1, you can create custom vault

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Passwork 7.0.7 update is available in the Customer portal.

• Fixed incorrect migration of attachments and password editions to Passwork 7
• Fixed an issue where the API session could be reset after token renewal
• Improved overall performance and stability

Passwork 7 release

In Passwork 7, we improved everything: completely rewrote the code using the latest technologies, implemented a full-fledged API, updated the interface, redesigned groups and roles, abandoned the automatic addition of system administrators to vaults, and made access rights management even more flexible. This will significantly enhance the convenience of administration

Passwork BlogEirik Salmi

Passwork 7.1: Vault types

Vault types Passwork 7.1 introduces a robust vault types architecture, providing enterprise-grade access control for enhanced security and management. Vault types address a key challenge for administrators: controlling data access and delegating vault management across large organizations. Previously, the choice was limited to two types. Now, you can create

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Passwork 7.0.6 update is available in the Customer portal.

• Fixed incorrect background task name for LDAP synchronization in test mode
• Fixed an issue where changes in role settings could not be saved after setting the minimum refresh token lifetime
• Improved overall system stability and performance

Passwork 7.1 release

In the new version, we have introduced the capability to create custom vault types with automatically assigned administrators, refined the inheritance of group-based access rights and handling of TOTP code parameters, as well as made numerous fixes and improvements. Vault types In Passwork 7.1, you can create custom vault

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Passwork 7.1: Vault types

Vault types Passwork 7.1 introduces a robust vault types architecture, providing enterprise-grade access control for enhanced security and management. Vault types address a key challenge for administrators: controlling data access and delegating vault management across large organizations. Previously, the choice was limited to two types. Now, you can create

Passwork BlogEirik Salmi

In the new version, we’ve improved sorting algorithms for vaults, passwords, and shortcuts, extended settings for authorization password policies, and made numerous improvements to the UI and localization.

Improvements

• Added new settings Restrict password reuse and Password history length to the authorization password complexity policies
• Added an option to navigate to the initial password directory from the Recents and Favorites
• Added tooltips for long group, folder, password, and shortcut names
• Prevented creation of additional fields with duplicate names or names already used in system fields — identical names with different cases are allowed
• Improved filters in User management and Activity log
• Improved the UI, dark theme, and localization

Bug fixes

• Fixed sorting of vaults, folders, passwords, and shortcuts in Favorites, Inbox, Search, and Bin
• Fixed an issue where the SMTP password field sometimes displayed Empty even though a password was set
• Fixed an issue where trying to open a password with a lot of characters in the Password field prevented cards from opening and users were redirected to the Recents
• Fixed an issue where a prompt to change the local password sometimes appeared after logging in via LDAP
• Fixed an issue where the Master password complexity policy settings appeared in role settings when the client-side encryption was disabled
• Fixed an issue where some system notifications were not sent to administrators and users with permission to view them
• Fixed an issue where manually imported data was reset when returning to data mapping
• Fixed incorrect display of access levels in the System settings changed event
• Fixed sorting by date in the Bin

Passwork 7.1 release

In the new version, we have introduced the capability to create custom vault types with automatically assigned administrators, refined the inheritance of group-based access rights and handling of TOTP code parameters, as well as made numerous fixes and improvements. Vault types In Passwork 7.1, you can create custom vault

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Passwork 7.1: Vault types

Vault types Passwork 7.1 introduces a robust vault types architecture, providing enterprise-grade access control for enhanced security and management. Vault types address a key challenge for administrators: controlling data access and delegating vault management across large organizations. Previously, the choice was limited to two types. Now, you can create

Passwork BlogEirik Salmi

In Passwork 7, we improved everything: completely rewrote the code using the latest technologies, implemented a full-fledged API, updated the interface, redesigned groups and roles, abandoned the automatic addition of system administrators to vaults, and made access rights management even more flexible. This will significantly enhance the convenience of administration and password management, as well as greatly accelerate the development of new features.

Updated interface

We redesigned the Passwork interface and updated all key sections — took into account many requests and fixed logical and functional errors while preserving the familiar convenience of working with passwords. We also added the ability to customize column widths and move interface elements — each user will be able to adapt it to their needs.

Expanded API functionality

We significantly expanded the API functionality — now it allows full interaction with all Passwork features: from copying passwords to managing users and security settings.

To simplify working with the API, we prepared an official Python connector — a developer library that allows integrating Passwork with applications and scripts in Python, and the Passwork-CLI utility, which enables working with the API from the command line.

Instead of API keys, tokens are now used — a more modern and reliable way to access the system. In addition, API access settings have been moved to the role page.

New backend and frontend

We completely updated the code using more modern methods — this will improve performance and simplify the initial installation of Passwork. Moreover, the new code will become the basis for developing desktop applications and will significantly speed up the introduction of new features.

User roles

We updated the status system by combining administrative rights and user settings, and renamed them to Roles — now, instead of two standard statuses Administrator and Employee, you can create an unlimited number of roles with individual rights and settings.

User groups

What was called Roles in previous versions has been renamed to Groups, making the user management process more intuitive and closer to common standards, such as those used in Active Directory. Groups allow restricting user access to vaults based on certain privileges.

Updated vault structure

We simplified the vault structure — instead of organization vaults and personal vaults, users will be able to create private vaults. A private vault becomes shared when other users are added to it. At the same time, administrators are no longer automatically added to new vaults.

The updated vault structure ensures reliable encryption and offers new possibilities for password management, making the process more convenient and secure.

Vault access confirmation

When adding users to groups, they will no longer automatically receive access to other users' vaults — access will require confirmation from the vault administrator. Users who gained access to a vault during LDAP synchronization also need to be confirmed. This provides additional control and prevents unauthorized access to vault contents.

Changing access levels

We’ve reworked the access level system and introduced a number of changes to some of them:

• Navigation level has been replaced by an ability to view all parent directories of the folder the access level is applied to
• Users with the Full access level now can view access levels of other users, manage additional access, view the history of changes within the directory and analyze passwords available to them via Security dashboard
• Added the ability to assign administrative rights to users in folders. The Administration access level is inherited by child folders without the ability to change it

History of actions and notifications

We’ve expanded the list of actions that are logged, updated their descriptions and completely reworked the notification system. Soon after the release we are going to introduce notification settings, which will add flexibility to keeping track of important changes and user actions.

Using shortcuts

In order to enhance security, we’ve made some changes to the way shortcuts work:

• It is now impossible to copy shortcuts for passwords which don’t allow shortcut creation
• Folders which include shortcuts unavailable to a user will now be copied without them

Adding tags to passwords

Now when you create or edit a password, you will be able to pick a tag from a list of already created ones. This has an added benefit of preventing creation of tags with the same name (sales ↔ Sales, etc.). When selecting tags, only those available in the user's vaults will be displayed.

Changes to 2FA reset flow

When you reset your authorization password, two-factor authentication now won’t be reset along with it. Users won’t be able to reset 2FA without a successful login, which increases security.

Account locking option

We’ve introduced an account locking feature. You will be able to set a limit on failed login attempts, timeframe for tracking the failed attempts and lockout duration.

Other changes

• Tidied settings up by making their structure more clear
• Added automatic retrieval of email and name from single sign-on systems (SSO)
• Added settings for automatic clearing of sessions, notifications and background tasks
• Added the ability to enable a system banner that will be visible to all Passwork users. You can use it for important notifications, alerts or instructions
• Added an ability to choose a time zone and date & time format
• Updated filters in key sections for faster and simpler search

Upgrading to Passwork 7

To upgrade to version 7.0, you’ll need to update your Passwork to version 6.5, migrate your data, and confirm this in the customer portal. Upgrade instructions can be found here.

Passwork 7.1: Vault types

Vault types Passwork 7.1 introduces a robust vault types architecture, providing enterprise-grade access control for enhanced security and management. Vault types address a key challenge for administrators: controlling data access and delegating vault management across large organizations. Previously, the choice was limited to two types. Now, you can create

Passwork BlogEirik Salmi

Passwork 7.2 release

The new version introduces customizable notifications with flexible delivery options, enhanced event logging descriptions, expanded CLI functionality, server-side PIN code storage for the browser extension, and the ability to enable client-side encryption during initial Passwork configuration. Notification settings We’ve added a dedicated notification settings section where you can choose notification

Passwork BlogEirik Salmi

Passwork: Secrets management and automation for DevOps

Introduction In corporate environment, the number of passwords, keys, and digital certificates is rapidly increasing, and secrets management is becoming one of the critical tasks for IT teams. Secrets management addresses the complete lifecycle of sensitive data: from secure generation and encrypted storage to automated rotation and audit trails. As

Passwork BlogEirik Salmi

Passwork 6.4, we have introduced a number of changes which enhance our browser extension security, make user permissions settings more flexible, and improve the logging of settings related changes:

• Mandatory extension PIN code
• Logging of all changes related to settings
• User access to history of actions with passwords
• Automatic updating of LDAP group lists

Mandatory extension PIN code

With the new setting ‘Mandatory PIN code in extension’, administrators can set a mandatory browser extension PIN code for all users, minimizing potential unauthorized access. Once enabled, users who have not yet set a PIN code will be prompted to do so upon their next login to the extension. Users will be able to configure their auto-lock timeout and change the PIN code, but they cannot disable these functions.

Logging of all changes related to settings

Now all changes in the Account settings, User management, LDAP settings, SSO settings, License info, and Background tasks are displayed in the Activity log.

History of actions with passwords

The new setting ‘Who can view the history of actions with passwords’ makes it possible for vault administrators to let other users view password history, password editions, and receive notifications related to their changes. Previously, these features were available only to vault administrators.

Automatic updating of LDAP group lists

Automatic updating of LDAP group lists can now be configured on the Groups tab in the LDAP settings. The update is performed through background tasks with a selected time interval.

Other improvements

• Added pop-up notifications when exporting data or moving data to the Bin
• Improved display of dropdown lists on the Activity log page
• Changed time display format of the ‘Automatic logout when inactive’ and ‘Maximum lifetime of the session when inactive’ settings
• Changed the Enabled / Disabled dropdown lists on the System settings and LDAP settings pages with toggles
• Increased minimum length of generated passwords to six characters

Bug fixes

• Fixed an issue in the Password generator where selected characters were sometimes missing in the generated password
• Fixed an issue where local users could not independently recover their account password when an LDAP server was enabled
• Fixed an issue where local users could not register in Passwork when an LDAP server was enabled
• Fixed an issue which occurred after moving a folder with shortcuts to another vault and shortcuts not being displayed in the new vault
• Fixed an issue that occurred when trying to move a shortcut found in search results without opening any vaults right after logging into Passwork
• Fixed an issue that occurred when trying to copy a password found in search results without opening any vaults right after logging into Passwork
• Fixed an issue that occurred when a password was sent to another user and remained on the recipient's Recents and Starred pages after the initial password was moved to the Bin
• Fixed the value in the time field for the ‘API key rotation period (in hours)’ setting which was reset to zero after disabling it
• Fixed incorrect event logging in the Activity log after changing folder permissions
• Fixed incorrect text notification about assigning access rights to a user through a role
• Fixed incorrect tooltip text when hovering over the username of a recently created user
• Fixed incorrect display of long invitation titles
• Removed the local registration page when the LDAP server is enabled

Passwork: Secrets management and automation for DevOps

Introduction In corporate environment, the number of passwords, keys, and digital certificates is rapidly increasing, and secrets management is becoming one of the critical tasks for IT teams. Secrets management addresses the complete lifecycle of sensitive data: from secure generation and encrypted storage to automated rotation and audit trails. As

Passwork BlogEirik Salmi

Cyber insurance: A false sense of security?

Introduction As cyber threats and data breaches become more frequent and sophisticated, many organizations are looking to cyber insurance as a way to manage risk. But is cyber insurance a true safety net — or is it just a false sense of security? This question was at the core of the

Passwork BlogIliya Garakh, CTO

Comprehensive guide: Cybersecurity vocabulary – terms and phrases you need to know

Cybersecurity — as complex as it sounds — is an essential concept that we all need to be aware of in this day and age. Computers, phones, and smart devices have become an extension of our bodies at this point, which makes their security paramount. From your family photos to your bank

Passwork BlogEirik Salmi

In Passwork 6.3, we have implemented numerous changes that significantly improve organization management efficiency, provide more flexible user permission settings, and increase security:

• Administrative rights
• Hidden vaults
• Improved private vaults
• Improved settings interface

Administrative rights

Available with the Advanced license

Now there is no need to make users administrators in order to grant them specific administrative rights. This option is a response to one of the most frequent requests from our customers.

Administrators can grant only those rights or permissions that are necessary for users to fulfill their duties and flexibly customize access to settings sections and manage Passwork. For instance, you can grant employees the right to create and edit new users, view the history of user activity, track settings changes, while restricting access to organization vaults and System settings.

You can configure additional rights on the Administrative rights tab in User management. There are four settings sections to flexibly customize Passwork for your business:

General
In this section, you can grant users access rights to manage all existing and new organization vaults, view the history of actions with settings and users, access license info and upload license keys, view and modify the parameters of SSO settings and Background tasks.

User management
In this section, you can grant users access rights to view and modify User management parameters. This includes performing any necessary actions with users and roles, such as creating, deleting, and editing users, changing their authorization type and sending invitations.

System settings
In this section of settings, you can grant users the right to view and modify specific groups of System settings.

LDAP settings
In this section, you can grant users the right to view and modify LDAP parameters which include adding and deleting servers, registering new users, managing group lists, viewing and configuring synchronization settings.

Activity log
The event of changing user administrative rights has been added to the Activity log. All changes are now recorded in the Activity log, that includes the users who initiated such changes as well as each setting that was modified with its previous and current values.

Interface improvements

Users with additional administrative rights are marked with a special icon next to their user status.

Some items remain unavailable until the necessary settings have been activated. When hovering your cursor over such items, a tooltip with information regarding dependent settings will be displayed.

Hidden vaults

In the previous versions of Passwork only organization administrators were able to hide vaults. Also, only organization vaults could be hidden. In this new version, all users can hide any vaults. Hiding makes vaults invisible only to the users who choose to do it and does not affect others.

Hidden vault management is now carried out in a new window, which is available directly from the list of vaults. You can view the list of all available vaults and customize their visibility there.

Private vault improvements

Displaying private vaults in User management
Besides hiding private vaults, employees with User management access can now see all vaults which they administer (including private vaults). The new feature which makes it possible to add users to private vaults has also been added to User management.

Logging of events in private vaults
Private vault administrators can view all events related to their vaults in the Activity log.

Other changes

• Fixed an issue which prevented users from changing their temporary master password
• Fixed an issue which prevented users from setting the minimum length for authorization and master passwords
• Fixed an issue in User management which made administrator self-deletion possible
• Minor improvements to the settings interface

Python connector 0.1.5: Automated secrets management

The new Python connector version 0.1.5 expands CLI utility capabilities. We’ve added commands that solve critical tasks for DevOps engineers and developers — secure retrieval and updating of secrets in automated pipelines. What this solves Hardcoded secrets, API keys, tokens, and database credentials create security vulnerabilities and operational bottlenecks.

Passwork BlogEirik Salmi

The 2025 small business cybersecurity checklist: A complete guide | Passwork

Passwork’s 2025 cybersecurity checklist, based on the NIST framework, provides actionable steps to prevent data breaches and financial loss.

Passwork BlogEirik Salmi

Passwork: Secrets management and automation for DevOps

Introduction In corporate environment, the number of passwords, keys, and digital certificates is rapidly increasing, and secrets management is becoming one of the critical tasks for IT teams. Secrets management addresses the complete lifecycle of sensitive data: from secure generation and encrypted storage to automated rotation and audit trails. As

Passwork BlogEirik Salmi