What is the release mechanism?
A sealed password will not be released until the number of approvals required in the seal has been granted. Releases can be granted by anyone who has been defined as . The mechanism describes the complete process from the first release request to the final grant of the release and the breaking of the seal.
Users and roles in the release mechanism
As noted in the previous sections, seals always restrict the right of a user to view a specific password. Even if the configuration is usually done at the level of the role, each user is naturally responsible for his own request when carrying out the release. Even if a seal is defined for a role, technically separate seals are created for each individual member of the role.
1. Requesting a release
In order to release a seal for sealed passwords, this must be requested from the user with the required permissions to issue the release. Within the Password Safe client, this can be done via the buttons Reveal and Seal in the ribbon, as well as via the Icon in the password field of the data record in the reading pane.
A modal window opens, which can be used to request the seal. The reason for the entry will be displayed to the users with the required permissions to issue the release.
2. Granting a release
The can be opened via the seal symbol in the ribbon directly from the mentioned notification. It is indicated by the corresponding icon that there is a need for action. All relevant data for a release are illustrated within the seal overview. The reason given in the release is also evident.
If the release is granted, the Inquirer Im * Module Notifications * will be informed. You can also open the seal directly from the ribbon and see the now released state.
3. Breaking the seal
As soon as the requesting user has received the number of the required releases, he will be informed via the notifications as usual. The seal can now be broken. From this point on, the user will be able to see the password.