View and Check Out Credentials from the PRA /login Interface

If you need to retrieve passwords for use outside of a BeyondTrust access console session, you can manually check out a password for a shared account, or view and copy a password for a personal account, from the /login interface.

Check Out and Check In a Shared Account

  1. Go to Vault > Accounts.
  2. Screenshot of the Check Out option for a generica vault account.

  3. From the Shared tab, locate the account you wish to check out.
  4. Click Check Out.

 

    Screenshot of the Account Password dialog

  1. The Account Password dialog appears, and you can see the password in plain text for one minute. During that time, you can copy the password by clicking the Copy icon.

 

Screenshot of Checked Out Status on the Privileged Remote Access Vault Accounts page.

When an account is checked out, it's indicated in the Status column on the Accounts page. You can hover over the Checked Out status to see who has it checked out.

 

Screenshot of the Check In Option for a Credential.

  1. When you are finished using a credential, return to the Accounts page, and then click Check In to check the password back into BeyondTrust Vault.

If you check in a domain credential with automatic rotation configured, the password automatically rotates.

Non-administrative users can view and modify only credentials for which they have access.

View and Copy a Personal Account Password

  1. Go to Vault > Accounts.
  2. View Password Option for a Personal Vault Account

  3. From the Personal tab, locate the account you wish to use.
  4. Click View Password.

 

    Screenshot of the Account Password dialog

  1. The Account Password dialog appears, and you can see the password in plain text for one minute. During that time, you can copy the password by clicking the Copy icon.

Only the owner of a personal account is able to view its password. A Credential Used event is logged when the owner views the password. Vault administrators can view this activity in a Vault report.

 

For more information, please see Discover Domains, Accounts, and Endpoints.