Shared Account & Credential Vault

Secure Your Shared Accounts and Credentials

Centrify Vault Suite reduces the complexities associated with securing and sharing access to privileged accounts. Discovery of systems and automated enrollment in the Centrify Platform ensures privileged access governance where shared account credentials are either vaulted or eliminated. Access to these accounts is brokered for users, services, and applications.

Reduce Risk When Sharing Privileged Accounts

Automate discovery and enrollment of systems and service accounts for privileged access governance.
Enforce centralized control over who can access credentials and audit administrator activity — including third-party access.
Simplify and automate shared account password management and reconciliation for superuser and service accounts.
Single location for emergency access to superuser passwords for all on-premises and cloud-based infrastructure.
Secure access to infrastructure without knowing privileged account passwords.
Replace static credentials with federated authentication and short-lived credentials such as OAuth2 and SAML tokens.
Password Vault, password vaulting, enterprise password management by Centrify

Secure Checkout of Account Credentials

Authorized IT, whether internal or outsourced, and third-party vendors can check out passwords for shared accounts, including service, application, and database accounts for a limited duration. Centrify provides the option to take passwords under its complete control. It automatically changes the password after the checkout expires, reconciles passwords, or simply stores the password for future access without changing it.

Enterprise Password Vault, Enterprise Password Management

Session Establishment Without Disclosing Passwords

Authorized users can access resources using shared accounts without knowing the passwords, and Centrify will not expose the passwords. IT admins can use shared accounts without encountering the risk of password sharing or unauthorized access.


Streamline Secure Privileged Access for Local Clients

Users initiate RDP and SSH sessions directly from their local machine for privileged access that doesn’t disrupt their daily routine. Maintain the same level of security and control for privileged sessions with monitoring and session termination.

screen-Access Request & Approval Workflow

Govern Privileged Access to Systems and Service Accounts

Developers can create local service accounts with passwords stored and managed in Centrify Vault Suite or create a service account within the Centrify Platform to enable authentication to systems and workloads via short-lived credentials. Applications can also take advantage of their host’s machine identity to request temporary credentials for federated access to other machines and workloads.


SAML Assertions for Web Access

Centrify’s STS brokers workload requests for SAML assertions from third-party Identity Providers (IDPs) such as Okta. This model enables seamless and short-lived access to the Centrify Portal.


Behavior-Based Policies for Checkouts and Privileged Sessions

Identify anomalous behavior while it is happening by enforcing risk-based policies for users who are initiating a privileged session or checking out a credential. Combining risk-level with role-based access controls (RBAC), user context, and multi-factor authentication (MFA) enables intelligent, automated, real-time decisions on whether to grant privileged access, prompt for MFA, or block access.

Learn More About Centrify Vault Suite

Ready to Protect Against the #1 Attack Vector?

Click here for more information about our products, pricing, demos, and more.

Contact Us