Shared Account Password Management

Enterprise Password Management

Give your authorized internal users, outsourced IT and third party vendors secure, always-on privileged access to critical shared account passwords, while maintaining control over who has access, which account passwords they have access to and how those passwords are managed.

Enterprise Password Management, password vault, Shared account password manager, SAPM Solutions by Centrify

Reduce Risk When Sharing Privileged Accounts


Single location for emergency access to super-user passwords for all on-premises and cloud-based systems and network infrastructure


Step up authentication and secure access to infrastructure without knowing privileged account passwords


Enforce centralized control over who can access credentials and audit administrator activity - including securing 3rd party access


Simplify and automate shared account password management for super-user and service accounts


Secure storage of encrypted privileged account credentials in Centrify Identity Services platform or a key management appliance on-premises (or in the cloud)


Flexible and cost-effective solutions with the robust security you expect — whether deployed in the public cloud, private cloud or your data center

Secure Checkout of Account Passwords

Authorized IT, whether internal or outsourced, and third party vendors can check out passwords for shared accounts, including service, application and database accounts for a limited duration. Centrify provides the option to take passwords under its full control, where it automatically changes the password after the checkout expires or simply store the password for future access without changing it.

Enterprise password managers, enterprise password management by Centrify

Session Establishment Without Disclosing Passwords

Authorized users can access resources using shared accounts without knowing the passwords and Centrify will not expose the passwords. IT admins can use shared accounts without risk of password sharing or unauthorized access.

Session Establishment without disclosing Passwords, shared password managers

Streamline Secure Privileged Access from Local Clients

Users initiate RDP and SSH sessions directly from their local Windows systems for privileged access that doesn’t disrupt their daily routine. Maintain the same level of security and control for privileged sessions with monitoring, session termination and multi-factor authentication.

SAPM from Local Clients, Enterprise SAPM for Local Clients, enterprise password management on premise

Automatically Discover Systems and Service Accounts

Windows, Linux and UNIX systems and their associated service accounts are automatically discovered in Active Directory, and taken under management. Domain accounts used to launch Windows services and scheduled tasks on infrastructure and endpoints are also discovered and managed.


Risk-aware Policies for Checkouts and Privileged Sessions

Identify anomalous behavior while it is happening, by enforcing risk-aware policies for users who are initiating a privileged session or checking out a password. Combining risk-level with role-based access controls (RBAC), user context and multi-factor authentication (MFA) enables intelligent, automated, real-time decisions on whether to grant privileged access. These dynamically enforced access policies grant the user access, prompt for a second factor of authentication, or block access completely.

risk aware policies for enterprise password management

“Break-glass” Access to Passwords From a Mobile Device

Get controlled, emergency access to privileged account passwords from your mobile device enrolled in the Centrify Identity Services platform. Secured password checkout requires a PIN or fingerprint validation. Checkout automatically times out based on per-resource policy.

Watch Video
SAPM for mobile devices, enterprise password management for mobile, password vault for mobile

Secure and Manage Application Passwords

Prevent cyberattacks that target privileged account credentials and streamline operations by eliminating hard-coded, plain text account passwords from scripts and applications. Applications and scripts authenticate and retrieve passwords securely without human intervention, enabling organizations to meet compliance and security policies.

Learn More
secure and manage mobile app passwords, enterprise password vault

Secure and Encrypted Storage of Your Data

Your data is securely stored using the Centrify Identity Services platform for all user, resource, account, and password information. Centrify also supports SafeNet KeySecure key management appliances from Gemalto as an alternative for encrypted storage of account passwords.

Learn More
SAPM for encrypted data, Enterprise SAPM Solutions, Password vault solutions

White Paper

Managing Privileged Access Security in a Hybrid IT World

Centrify commissioned Forrester Consulting to examine how IT decision-makers are both securing and granting privilege to identities in cloud-based environments. Forrester’s research included in-depth surveys with 150 IT decision-makers in the US, and discovered that the ubiquity of outsourced and remote identities is too large of a concern to overlook.

Download White Paper