Credential Vault

A credential vault is a database used to store passwords and similar cryptographic key material. The most common data stored in a credential vault are current and historical passwords to privileged accounts.

Credential vaults present unique design requirements, as compared to databases with other contents:

  • All passwords and keys must be encrypted, to protect against disclosure to an attacker who has compromised the physical storage media where credentials are stored or backed up.
  • Contents of the vault must be replicated to and accessible in multiple physical locations, so that a service disruption at one location does not make passwords or keys unavailable at other locations.
  • Access to contents of the vault must be subject to access controls, so that different (authenticated) users are able to fetch different sets of passwords or keys.
  • Access to contents of the vault must be audited, to create accountability for use of privileged IDs.
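
The access-control and audit requirements above can be sketched as follows. This is an added example, not code from Hitachi ID Privileged Access Manager; the class, method and account names are hypothetical, the HMAC-chained log is one assumed way to make audit records tamper-evident, and encryption and replication are outside its scope (users are taken as already authenticated, stored values as already encrypted).

```python
import hashlib, hmac, json, time

GENESIS = "0" * 64  # chain anchor for the first audit record

class Vault:
    """Access-control and audit requirements only; names are hypothetical.
    Stored values are treated as opaque blobs that are already encrypted."""

    def __init__(self, audit_key: bytes):
        self._blobs = {}   # account -> encrypted credential blob
        self._acl = {}     # account -> users allowed to fetch it
        self.audit = []    # append-only storage in a real deployment
        self._audit_key = audit_key

    def store(self, account, blob, allowed_users):
        self._blobs[account] = blob
        self._acl[account] = set(allowed_users)

    def _mac(self, record):
        body = json.dumps(record, sort_keys=True).encode()
        return hmac.new(self._audit_key, body, hashlib.sha256).hexdigest()

    def _log(self, user, account, outcome):
        # Each record carries the previous record's MAC, forming a chain.
        prev = self.audit[-1]["mac"] if self.audit else GENESIS
        record = {"seq": len(self.audit), "ts": time.time(), "user": user,
                  "account": account, "outcome": outcome, "prev": prev}
        record["mac"] = self._mac(record)
        self.audit.append(record)

    def fetch(self, user, account):
        # Unknown accounts are denied the same way as unauthorized ones.
        allowed = user in self._acl.get(account, set())
        # The attempt is logged before anything is released.
        self._log(user, account, "granted" if allowed else "denied")
        if not allowed:
            raise PermissionError(f"{user} may not fetch {account}")
        return self._blobs[account]

    def verify_audit(self):
        """True only if every record's MAC and chain link check out."""
        prev = GENESIS
        for i, rec in enumerate(self.audit):
            body = {k: v for k, v in rec.items() if k != "mac"}
            if rec["seq"] != i or rec["prev"] != prev:
                return False
            if not hmac.compare_digest(self._mac(body), rec["mac"]):
                return False
            prev = rec["mac"]
        return True
```

Denied attempts are recorded as well as granted ones, so the log supports accountability for every use of a privileged ID, not only the successful fetches.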

Hitachi ID Privileged Access Manager includes a robust, geographically replicated, multi-master credential vault.
