Secret Server

Check Out - One Time Passwords

The Check Out feature forces accountability on Secrets by granting exclusive access to a single user with a One Time Password, or OTP. After "check in", Secret Server automatically performs a random password change on the remote machine.

No other user can access a Secret while it is checked out. This establishes single accountability for a remote machine accessed during a specific time period.

Check Out requires administrators to always use Secret Server as the password is changed after every use. This also ensures a complete audit trail of password usage.

Screenshot: One time passwords through Check Out

Check Out Hooks (Requires Enterprise Plus Edition)

The Enterprise Plus Edition allows Check Out to integrate with PowerShell Hooks that can run before and after a Secret is Checked Out. This can be used for custom checks or actions to ensure that environments are ready; or to validate that specific conditions are met before a user can access a Secret.

Screenshot: One time passwords through Check Out