You are hereFeatures
- Easily store and retrieve accounts.
- Simple to use.
- Your Windows User account grants access.
- Generate random passwords.
- Free and open-source.
- User authentication uses Kerberos (will fall back to NTLM) against a Windows workstation or domain.
- All message packets are signed and encrypted over the TCP protocol, which are passed between the client and server.
- Sensitive data in the client is encrypted so it cannot be freely accessed in memory, thanks to a custom SecureString implemenation.
- Data stored in the database is encrypted/decrypted by Windows Data Protection (DPAPI).
- Pseudo-random 512-bit number master key
- Windows Server 2003 domain controllers use a 2048-bit RSA key.
- Full auditing of all user actions
- Authentication (success, failure).
- Account modifications (creations, accesses, updates, deletion).
- Group modifications (creations, modification, deletion).
- System errors (database, DPAPI, WCF service, etc).