Testimonials
What our customers say about Team Password Manager

Password expiration

Current Team Password Manager version: 12.160.277

Beginning with version 4.41.83 you can enter the date when a password expires. If you enter this datum users in you installation will be able to filter those passwords that have expired or that will expire soon (in 15 days or less - configurable). You can also have the system send an email notification to the password manager and project manager for those passwords that have expired or that will expire soon.

Since version 12.152.275 it's possible to configure a global email address to send all expiration notifications.


In this document:


Entering the expiry date

You can enter this expiry date at the password edit screen:

Editing the expiry date of a password

If the password has expired or expires today an Expired label will be shown next to the expiry date in the password screen and in lists where the password appears:

Expired password

If the password expires in 15 days or less, a Will expire soon label will be shown instead. Note that this expiry period warning can be changed or disabled.

Filtering expired or soon to expire passwords

If a password has expired or will expire soon, any user that has access to the password will be able to filter it with special filters in lists.

Here you have these filters in the normal passwords lists:

Expiration filters in passwords list

And here you have them in the passwords lists inside a project:

Expiration filters in project passwords list

Note that these filters are only shown if there are passwords that have expired or will expire soon.

Changing or disabling the password expiration warning/reminder

Team Password Manager will show a Will expire soon label for those passwords that will expire in 15 days or less. It will also allow you to filter those passwords as we've just seen.

If you want to change this period or just disable the soon to expire warning you can do it in Settings | Expiration. This option can only be set by users with role "Admin" or "IT".

To set it go to Settings, then Expiration and then click on the "Edit expiration configuration" button, which will show you the "Edit password expiration configuration" screen:

Edit password expiration configuration screen

You can enter the days of the reminder or 0 to disable it.

Expiration notifications

Team Password Manager has a special function to send email notifications to password managers and project managers, and/or to a global email address (since v. 12.152.275), of those passwords that have expired or that will expire soon. This function is called genexp and can be executed by opening the following page:

YOUR_TEAM_PASSWORD_MANAGER_URL/index.php/genexp

You can see the correct URL for genexp for your installation if you go to Settings | Expiration.

You can open genexp with your browser to test, but it should really be called by a scheduler that executes it at least once a day.

If your Team Password Manager installation is on a *nix server you can setup a daily cron job to execute curl to open this address. To do so, edit the crontab configuration file with sudo crontab -e and enter the following line:

0 6 * * * curl YOUR_TEAM_PASSWORD_MANAGER_URL/index.php/genexp

This will setup genexp to be executed at 6:00 AM every day. Change YOUR_TEAM_PASSWORD_MANAGER_URL to the one for your installation and 6 to whatever hour you like.

Note: genexp can sometimes send many mails at once. To avoid being banned by your ISP/mail server you can control email throttling by specifying the number of seconds between each message using the SECONDS_BETWEEN_EMAILS parameter in config.php. Read about it here: SECONDS_BETWEEN_EMAILS.


What does genexp do?

genexp will send emails to the password managers and project managers, and/or to a global email address (since v. 12.152.275), of passwords that have expired or that will expire soon. Only one email message is sent to each user, grouping all the expired/soon to expire passwords. Here you have an example of such message:

Expiration notification message

genexp will log its execution with 2 actions:

  • Generate expiration notifications: with the number of expired and soon to expired notifications generated.
  • Send notifications by email: with the number of emails sent.

These actions are logged even if no notifications are generated or emails are sent, so you can use them to verify if genexp is being executed correctly.

Note that if you disable expiration warnings/reminders (see how to do it in the previous step), notifications for those passwords that will expire soon will not be sent.

Configuring a global email address

Since v. 12.152.275, you can set a global email address to receive expiration notifications. You can do this in the "Edit password expiration configuration" screen in Settings | Expiration:

Edit global expiration notification email

Once the global email address is set, all the expiration notifications will be sent to it.

In addition, you can configure if you also want the password managers and project manager to receive the expiration notifications by checking the "Also send expiration notifications to the password manager and project manager" checkbox as you can see in the above image.

How expiry date affects import/export and the API

The import and export procedures have been updated to support the expiry date field. The API (version 2) also has been updated to support this datum. API v1 as no support for the expiry date field.

Here you have the corresponding documents:


Document changelog

Jan 15, 2024: Global email address since v. 12.152.275, update some screens
Questions or Problems? Please contact our support department