General Information

This section provides general information about the Login, which kind of Login is supported and what exactly happens when you submit your credentials.

Keestash provides both, local accounts as well as LDAP provisioned access. When using local accounts, sign up is done by a register form as you can see here. The user needs to provide some general information such as name, surname, email address etc. and will get access as soon as successfully signed up.

Keestash SaaS redirects to our payment provider in order to create the subscription. Once the payment is set up successfully, the payment provider will notify us and the user can start using immediately. Read more about payment here.

Local Accounts

When using local accounts, Keestash creates and saves data into it’s own databases. After validating all information, the user and it’s password is stored in the database. Keestash stores the password never in clear text, but encrypts with a strong and industry standard encryption method. The username and the password chosen while user creation is then used to log in:

Keestash Local Account Login

LDAP Accounts

When Keestash is connected to a LDAP backend, authentication is done querying the LDAP server. For security reasons, the LDAP server is not mentioned anywhere in the login screen. Keestash assumes that – being in the LDAP mode – Keestash is set up for an organization and users know which LDAP backend is used. Keestash does not support anonymous LDAP logins since it is seen as a security risk. The overall LDAP setup is documented here.

When configured with LDAP, Keestash shows this in the login screen:

Keestash LDAP login
Keestash LDAP login

General Information

As mentioned above, Keestash users are hosted locally regardless of the type of login. Local accounts are stored and managed by Keestash. LDAP users are synchronized with Keestash and are created with as many information as provided by the LDAP server.

If you can not log in with your LDAP credential, it is likely that there are conflicts with local user data. In this case, Keestash can not differ between local and LDAP users. However, the information are not lost and are likely to solve by an administrator or the vendors.
The SaaS version of Keestash does not provide LDAP support out of the box. Users and/or companies using Keestash SaaS and want to get authenticated by LDAP should reach out our team for a custom plan.

For problems with the login – such as password resetting etc. – Keestash SaaS provides a form to reset the account. Read more about here. For self hosted Keestash users should reach out to their admins and customers with custom plans should reach out us.

Keestash

Open Source Password Manager

Contact

info@ucar-solutions.de

49 69 175 111 52

Germany

Schulstra├če 3a
65719 Hofheim am Taunus