This team password manager costs $1.50/user and just added the features businesses actually need

Introduction

In today's digital workplace, password management has become critical for both individual and organizational security. This tutorial will guide you through setting up a team password manager using Passpack's API, focusing on practical implementation for businesses that need secure credential sharing. We'll create a simple Python application that demonstrates how to manage team credentials programmatically, which is essential for organizations looking to move away from insecure practices like Slack sharing or spreadsheet passwords.

Prerequisites

• Basic Python programming knowledge
• Passpack account with API access (sign up at passpack.com)
• Python 3.6 or higher installed
• pip package manager
• Basic understanding of REST APIs and HTTP requests

Step-by-Step Instructions

1. Setting Up Your Development Environment

1.1 Install Required Python Packages

First, we need to install the required Python packages for making HTTP requests and handling JSON data:

pip install requests python-dotenv

This installs the requests library for making HTTP calls to the Passpack API and python-dotenv for managing environment variables securely.

1.2 Create Project Structure

Create a new directory for your project and set up the basic structure:

mkdir team-password-manager
 cd team-password-manager
 touch .env
 touch password_manager.py
 touch requirements.txt

Place the following in requirements.txt:

requests==2.31.0
python-dotenv==1.0.0

2. Configuring Your Passpack API Access

2.1 Get Your API Token

Log into your Passpack account and navigate to the API settings section to generate a new API token. Copy this token as you'll need it for authentication.

2.2 Set Up Environment Variables

Create a .env file in your project directory with your credentials:

API_TOKEN=your_api_token_here
PASSPACK_BASE_URL=https://api.passpack.com

This approach keeps your sensitive data out of your codebase and prevents accidental exposure in version control systems.

3. Implementing the Password Manager

3.1 Create the Main Password Manager Class

Open password_manager.py and start by importing necessary modules:

import requests
import os
from dotenv import load_dotenv

load_dotenv()

class TeamPasswordManager:
    def __init__(self):
        self.api_token = os.getenv('API_TOKEN')
        self.base_url = os.getenv('PASSPACK_BASE_URL')
        self.headers = {
            'Authorization': f'Bearer {self.api_token}',
            'Content-Type': 'application/json'
        }

    def create_password_entry(self, title, username, password, description=''):
        url = f'{self.base_url}/passwords'
        data = {
            'title': title,
            'username': username,
            'password': password,
            'description': description
        }
        response = requests.post(url, json=data, headers=self.headers)
        return response.json()

    def get_password_entry(self, password_id):
        url = f'{self.base_url}/passwords/{password_id}'
        response = requests.get(url, headers=self.headers)
        return response.json()

    def update_password_entry(self, password_id, **kwargs):
        url = f'{self.base_url}/passwords/{password_id}'
        response = requests.put(url, json=kwargs, headers=self.headers)
        return response.json()

    def delete_password_entry(self, password_id):
        url = f'{self.base_url}/passwords/{password_id}'
        response = requests.delete(url, headers=self.headers)
        return response.status_code == 204

This class provides the core functionality for managing password entries in your team's Passpack account. Each method corresponds to a standard CRUD operation (Create, Read, Update, Delete) for password entries.

3.2 Add Team Management Capabilities

Extend the class to handle team members and sharing:

    def add_team_member(self, email, name):
        url = f'{self.base_url}/teams/members'
        data = {
            'email': email,
            'name': name
        }
        response = requests.post(url, json=data, headers=self.headers)
        return response.json()

    def share_password_with_team(self, password_id, team_member_id):
        url = f'{self.base_url}/passwords/{password_id}/share'
        data = {
            'member_id': team_member_id
        }
        response = requests.post(url, json=data, headers=self.headers)
        return response.json()

These methods allow you to manage team members and share specific password entries with designated team members, which is essential for business use cases.

4. Testing Your Implementation

4.1 Create a Test Script

Create a simple test script to verify your implementation works:

from password_manager import TeamPasswordManager

# Initialize the manager
pm = TeamPasswordManager()

# Create a test password entry
result = pm.create_password_entry(
    title='Test Application',
    username='[email protected]',
    password='secure_password_123',
    description='Test application credentials'
)

print('Created password entry:', result)

# Retrieve the entry
password_id = result['id']
retrieved = pm.get_password_entry(password_id)
print('Retrieved entry:', retrieved)

# Update the entry
updated = pm.update_password_entry(password_id, description='Updated test description')
print('Updated entry:', updated)

This test script demonstrates the full workflow of creating, retrieving, and updating password entries, which are core features that businesses actually need.

4.2 Run Your Tests

Execute your test script:

python test_password_manager.py

If successful, you should see JSON responses showing that your password entries are being created and managed correctly through the API.

5. Advanced Features for Business Use

5.1 Implement Password Rotation

Add a method to automatically rotate passwords:

    def rotate_password(self, password_id, new_password):
        url = f'{self.base_url}/passwords/{password_id}/rotate'
        data = {'new_password': new_password}
        response = requests.post(url, json=data, headers=self.headers)
        return response.json()

Password rotation is a critical business security feature that helps maintain credential security over time.

5.2 Add Audit Logging

Implement a method to track password access:

    def get_password_audit_log(self, password_id):
        url = f'{self.base_url}/passwords/{password_id}/audit'
        response = requests.get(url, headers=self.headers)
        return response.json()

This audit capability helps businesses comply with security policies and track access to sensitive credentials.

Summary

In this tutorial, you've learned how to implement a team password manager using Passpack's API. You've created a Python class that handles core password management operations including creating, reading, updating, and deleting entries. You've also implemented team management features and advanced security capabilities like password rotation and audit logging. This approach directly addresses the business need mentioned in the article - moving away from insecure credential sharing practices to a secure, API-driven solution. The implementation provides a foundation that can be extended with additional features like automated backups, multi-factor authentication integration, or webhook notifications for security events.