Secure your secrets with PROVE IT's credentials vault
Shared files, generic accounts, contractors walking away with your passwords… These practices still exist, and they expose your IT infrastructure to major risks. PROVE IT integrates a certified credentials vault that protects your sensitive secrets without ever exposing them to the end user.
A reality for many IT teams
To save time, many organisations still take shortcuts that undermine their security:
- Passwords stored in plain text in a shared Excel file
- Non-nominative generic accounts used by multiple individuals
- External contractors and service providers who know, and leave with, your administration credentials
These practices may ease day-to-day operations, but they also create critical blind spots: it becomes impossible to know who did what, when, and on which system. In the event of an incident or an audit, you are navigating in the dark.
Password managers : not enough for admin access
A password manager is a good first step. It secures storage and enforces complexity. But it does not address the real challenges of privileged access.
The core problem remains unsolved: the user (whether internal or an external contractor) sees, copies and handles the credentials. When the assignment ends, the knowledge of the password stays behind.
Every external contractor who retains your credentials is a risk that outlives the contract.
Did you know? A 7-character password can be cracked in under 6 minutes.
PROVE IT : a bastion with a secure, transparent-to-the-user vault built in
Our bastion natively integrates a secrets vault that fundamentally changes the way your privileged access is managed.
The PROVE IT vault does not simply store your secrets, it makes them structurally inaccessible, even to those who use them.
The principle is straightforward :
- The user connects to the bastion using their personal account with MFA authentication
- They then access only the machines they are authorised to reach
- They never see, copy or handle any credentials
- Every connection is nominative, logged and recorded
Credentials remain inside the vault. They are only retrieved to establish the session, automatically and transparently. External contractors therefore never have knowledge of the connection secrets for the servers they work on.
Result: zero disclosure, full traceability and enhanced compliance.
What the PROVE IT vault includes under the hood
1. Strong encryption and controlled access
Each secret is stored in an individually encrypted container, access to which is controlled by a passphrase or shared secret. Even in the event of a system compromise, your credentials remain inaccessible.
- Double protection: strong encryption + master authentication on every restart
- Granularity: one encrypted container per secret, adaptable to your organisation
- Certified algorithms: modern, battle-tested cryptography
2. Secret sharing: no more single point of dependency
Stop concentrating all access in the hands of one individual. PROVE IT implements Shamir's Secret Sharing: the master key is split into several distinct shares (up to 5), and only a subset (for example, 3 out of 5) is required to reconstruct access.
3. Centralised SSH key management and Linux integration
PROVE IT provides centralised SSH key management and integrates natively into Linux environments, enabling a secure transition to modern authentication methods without operational disruption for your teams.
A vault certified with the CSPN Security Visa by ANSSI
The CSPN Security Visa awarded by The French Cybersecurity Agency (ANSSI) validates the robustness of PROVE IT's credentials vault. This technical evaluation, conducted by independent experts, confirms that the solution meets the most stringent security requirements.
A strong argument to put forward to your management, auditors and clients.
Discover PROVE IT : the bastion host built for the realities of SMEs, mid-sized companies and public sector organisations
Our solution- Security : advanced cryptography, zero credential disclosure, secret sharing
- Compliance : aligned with ISO 27001, GDPR, NIS2 and DORA requirements
- Simplicity : fast deployment, streamlined day-to-day administration, seamless user experience