The present disclosure relates to assigning a password for a shared account to a given user, and more particularly, to computer systems for maintaining control and accountability of a password after it is shared among multiple users.
A password management system comprises a system of hardware and software that helps users access shared accounts on network servers. Generally, such systems store a plurality of passwords that are associated with the shared accounts. When a user wishes to access a given shared account, the user requests a password for the shared account from the password management system. In response, and provided the user has the appropriate privileges to access the shared account, the password management system “checks-out” a selected password for the shared account and assigns it to the user. The newly assigned password remains associated only with the user such that no other user may be assigned that same password until the user checks the password back into the password management system.
Conventionally, password management systems maintain accountability of the password for the user that checked the password out of the system. That is, conventional systems are configured to track the use of the assigned password as if the user has control of the password. However, the user may—appropriately or inappropriately—transfer control of the assigned password to another user. And once a password is transferred or made known to another user, conventional password management systems are unable to maintain accountability for that password.