Clients: For the best experience, please log in and create a shortcut on your desktop for creating new tickets, as well as viewing the current ticket list.

Accessing Your Password Vault

Your service agreement comes with complementary access to our password vault at https://vault.mbaysek.org

Notes About Password Security

Here's where you get the usual advice.  

You can:

  • Use a password software to generate a secure password. 
    • We recommend at least 12 characters.   
  • Make up your own sufficiently complex password. 
    • If you want to test your password making skills, you can try this third party password complexity checker by Bitwarden.  https://bitwarden.com/password-strength/.  This link is provided for informational purposes and is provided by a third party commercial SaaS password vault provider.  Please don't type any real passwords into this tool.

A Secure Password Contains a Combination Of:

  • Numbers
  • Letters
  • Uppercase
  • Lowercase
  • Symbols
  • Etc. 
  • The more, the better. 
    • And the more characters, the better.   We recommend no less than 12 characters given today's security landscape.

In general, sharing passwords can be dangerous.  If passwords are compromised, it can seriously affect the reputation and uptime of your business.

  • Writing them down?  Bad!
    • Most people write the username, password, and name of the service on the same piece of paper!  Yikes! 
    • I'd place a bet that you probably don't even know half of the people involved in handling your trash or cleaning your office! 
    • If the written paper is left unattended, it could be viewed by anyone - and you'd never even know who - putting your entire business at risk. 

  • Saving them in a Word doc or text file.  Bad!
    • A malware infection will definitely steal a password saved this way.
    • If your computer is accessed without your knowledge, your passwords could be easily exposed.
    • A backup is a great place to look for password files.  How do you secure your backups?  I hope you encrypt your backups.

  • Saving them to Commercial SaaS password services:  Not Great.
    • Recent compromises to LastPass as of August and November 2022 indicate that the sheer number of people who use these services make them targets for attack.
    • Even though services like Lastpass and others have well designed security layers, they suffer from being massive targets.  When leaks happen from services like this, it compromises the overall security of these services in the long run. 
    • In the recent case of Lastpass, customer information was compromised, but not actual passwords, indicating that those users will more likely be chosen for targeted social engineering attacks based on the information that the attackers did gain during the initial attack.

To Access Your mbaysek.org Password Vault

This service allows us to securely transmit sensitive information: specifically, passwords!   


Before you begin:

  • Know, that we will NEVER email you and ask you to send us a password by email, phone or any other method.  

  • Any password you send us by any other method is subject to the security of that method.  We don't recommend using any method besides vault.mbaysek.org. 

  • You take full responsibility for using third party systems, in general.

  • Any password you send us by any other method will also be stored in vault.mbaysek.org because that is our system of record for client and end client passwords.   

  • You will not receive any invite to our password vault if you are not under or have just started an active service agreement with us. 

  • This usually involves having first payed us a fee. 

  • DO NOT follow any unsolicited links to sign up for vault.mbaysek.org or any other password provider.

  • Always validate to the best of your ability that any email you receive from our password vault is really from us:  
    • Compare the sender and format of the email to any previous emails you received from our system.
    • If you doubt the authenticity of an email from our password vault, please report the issue by emailing help desk

To access your password vault:

  • First, shortly after you start your SLA with us, look for the email "Welcome to passbolt" from vault.mbaysek.org and follow the instructions.  If you don't have an email matching this description, request one from us.

  • Follow all instructions for installing the Passbolt browser extension.  The browser extension is a necessary part of Passbolt, as it provides a separate and layered security approach which performs a lot of the security on your machine instead of ours.

  • Once logged into the vault, you should see a group which we have created for you in the navigation panel.  The group is how we organize the passwords from a service provider view. 

  • On your side, you only see your group.  The group will contain your passwords.  You can add and edit passwords on your group.  If you encounter any problem managing the passwords in your group, please contact us.

Using Your mbaysek.org Password Vault:

  • When you add a new password, please know that it does not automatically get added to your group. 
    • Any password you add is only available and visible to you, and you alone, unless you explicitly share it to the group. 
    • Sharing a created password to the group effectively shares your password with our sysadmins, as well as any members of your organization whom you add, or ask us to be part of the group. 
      • If you don't put anyone else on your team in the group, any passwords you share to the group are between you and our dedicated sysadmin only.  We don't share any of your passwords to any employees or contractors without your express consent.
    • If you create a password and fail to share it to your group, we will not be able to see that you have created that password, and we will not be able to access it.
  • Please know that, on the server side, we don't have access to any passwords unless you explicitly give us the access by sharing it.  The only data on our server is already encrypted before your computer sends it to us.  Because of this, unless you have shared you password properly with us by using the Share option, we will not be able to recover any passwords that you store in this system.

Using The Vault With Your Team

While we do not recommend having other IT people involved in managing your resources without coordinating with us, you can use our password vault to communicate passwords to your Management and Executive Teams.  This allows your management hierarchy to have complete access to the passwords at all times, on demand.  

Onboarding for this type of sharing does involve some setup, so please contact us if you wish to share passwords with more than just one member of your team.

For security purposes, we do not recommend sharing individual accounts on https://vault.mbaysek.org with members of your team.  If you share passwords for this service, you are doing so entirely at your own risk.  The proper thing to do if you need to share passwords with someone is to request an account for your other users.

Notes about Multi-factor Authentication (2FA/MFA)

Multi-factor authentication goes above and beyond passwords.  In addition to a username and password, they usually require someone to enter a code that was texted to a phone number, or to provide a deterministic value based on a random number seed (such as commercial solutions from companies like RSA, Google Authenticator or other providers.)  

We don't directly support MFA in our password vault implementation. 

To make sure your account is secure, we recommend

  • Creating very strong master passwords when using our system,

  • Keeping any hard copies of them very secure, such as
    • in a lock box stored inside a company safe with proper security measures,
    • in a lock box stored in safe deposit box, etc.
  • The master password should be something that you can remember, but is "hard to say."   and/or

  • You could even store your very complex password inside of another password vault system, if you desire.

Storing Credentials that Require MFA 

You may have providers which are linked to your email account or cell phone number for MFA purposes.

  • If you have such accounts, we may need to coordinate with you in order to log in to your accounts to service them.  
    • When we need to login to your account, you may need to provide us, in real time, access to any temporary codes sent to you.  
  • Alternatively, some providers allow you to delegate rights to other users on their systems. 
    • Examples of this might include Amazon Web Services or Azure.  If your provider allows rights delegation, we recommend delegating rights to us using those methods. 
    • If your providers have MFA requirements, we will contact you and recommend the optimal configuration for your specific case.

If You Encounter Issues 

Please contact us as soon as possible if you have issues by emailing the help desk or contacting us using your favorite method.

Powered by UVdesk