Feature Request: Require justification to view/access login entry password

[wrongecho]

From: https://forum.itflow.org/d/424-login-entries-require-techs-enter-a-justification-to-access-passwords

Requires technicians to submit a justification (or valid ticket ref) the first time they access a specific login entry's password (per day/per X hrs since last accessed). There wouldn't be any sort of approval process, but the time, entry details and justification would be recorded in an audit log so satisfy security framework requirements. I was thinking this could be configurable per login entry.

Need to work out more details about how we'd implement this exactly.
Will require changing the way passwords are currently shown, meaning an overhauling the moving the population of the modal to ajax rather than built into the page

--

• First, work out how to implement logging for viewing passwords (currently they're echoed onto the page and then shown/copied via Javascript helpers)

• Convert login view/edit modal to be dynamically populated (via ajax)

• Each login entry has a checkbox to control whether to require a reason/justification to access the password. All related details are logged.

• The justification to access a login entry remains valid for a set period of time / for the next X views of the entry by the same technician

• Possibly future work: Additional checkbox for something like "Email ITFlow admins when this login entry is accessed"