Vaultier 0.7 CE..................
Password managers are back in vogue, but is this a safe place to stuff all your secrets?
After a lull that lasted several years, and saw many existing tools retired from active development, password managers are back in vogue. The new batch, including Vaultier, now boast features such as file storage and collaboration.
The Vaultier project offers two variants, a BSD-licensed Community Edition and an Enterprise version, which comes with three different fee-based subscription plans.
For the Community Edition, the project provides three installation modes. You can install it as a Docker container or using pip, the Python installer, and Ubuntu users can use the provided shell script (the script is intended for Ubuntu 14.04 Server).
Regardless of the installation mode you choose, the project requires extensive configuration. Vaultier requires a PostgreSQL database, Nginx web server and uses uWSGI to run the app. The documentation walks you through the configuration of each of these but its a very involved process and you’re required to muck about with configuration files manually. The vanilla documentation provides only the minimum of instructions and you’re on your own if you decide to configure Vaultier to work with MySQL or Apache. The project doesn’t even have a mailing list, forum or a troubleshooting FAQ to help you resolve installation issues.
Vaultier bills itself as highly secure and provides key-based RSA encryption. When you first create an account to use Vaultier, the tool will generate a security key for you that you must store on your local disk. Vaultier doesn’t use passwords for the user accounts, so you must point it to the key on your machine to login.
Good once it’s going
The interface is fairly straightforward and there are instructions to guide you through the process of storing secrets and passwords. Information, be it passwords, notes, or files you wish to safeguard, is stored within cards. These cards reside inside vaults and the vaults themselves exist within workspaces. You can create multiple workspaces, multiple vaults within a workspace, and multiple cards within a vault.
You can add multiple secrets (passwords, files etc) to each card inside a vault. When storing passwords as secrets, you get a form which you can use to specify the website, username and password. When storing files, Vaultier limits the size to under 25kB.
As you continue to create more workspaces/vaults/cards to store all your secrets, locating them in a hurry may become a problem. Thankfully, the search bar at the top of the interface provides a quick means to access the stored information. It searches through all the workspaces, vaults and cards, and quickly presents all relevant matches. With the extensive workspace/vault/card mechanism, the search is an invaluable feature.
You can collaborate with others on specific vaults or the entire workspace. In the latter case, collaborators have access to all the vaults in the workspace. Vaultier enables you to define the permissions for each team member. You can restrict team members to only viewing the data, or grant them permission to create vaults and cards and invite other team members.
But despite such features, and a intuitive interface with plenty of helpful hints for using it effectively, we can’t really recommend Vaultier Community Edition for home users, because of its complicated installation process and precise requirements.