View and Check Out Credentials from the /login Interface

 

Stored passwords can be retrieved for use outside of a BeyondTrust support session. The /login interface allows you to manually check out a password for a shared account, or view and copy a password for a personal account.

Check Out and Check In a Shared Account

1. Go to Vault > Accounts.

2. From the Shared tab, locate the account you wish to use.
3. Click Check Out.

 

4. The Account Password dialog appears, and you are able to see the password in plain text for one minute. In that time, you can copy the password by clicking the Copy icon.

When an account is checked out, it's indicated in the Status column. You can hover over the Checked Out status to see who has it checked out.

5. When you are finished using a credential, return to the Accounts page and click Check In to check the password back into BeyondTrust Vault.

 

If you are checking in a domain credential with automatic rotation configured, the password automatically rotates.

Non-administrative users can only view and modify credentials for which they have access.

Check Out a Service Account

The process for checking out service accounts is the same as other accounts; however, the password must be manually set by the administrator before checking out the account.

View and Copy a Personal Account Password

1. Go to Vault > Accounts.

2. From the Personal tab, locate the account you wish to use.
3. Click View Password.

 

4. The Account Password dialog appears, and you are able to see the password in plain text for one minute. In that time, you can copy the password by clicking the Copy icon.

Only the owner of a personal account is able to view its password. A Credential Used event is logged when the owner views the password. Vault administrators can view this activity in a Vault report.