Foxpass (YC S15) helps companies manage employee access to internal systems
venturebeat.comFoxpass started here as a "Show HN" back in February (https://news.ycombinator.com/item?id=9039027) and now we're part of the current batch.
Would love your feedback and of course I'm happy to answer any questions!
You and your team must be saints. This is arguably one of the most boring and monotonous problems to solve. Good luck!
Every technical problem is boring and monotonous to somebody, the trick is to find someone who can get interested in it and pay them to deal with it.
With any luck I'll be paying Foxpass to solve this one for me in the near future.
But oh-so-important!
Looks like it would save a lot of headaches. Any plans to integrate with other options for authentication outside of Google Apps?
Yep! Foxpass already integrates with SSO providers like Okta and OneLogin, and soon we'll add support for Office 365.
Currently we're using JumpCloud, prior to that we used OneLogin before they had a ton of outages.
Would love to switch to you guys, since integrating with Google Apps as an LDAP/RADIUS server is our one-and-only use case.
Question: Do you guys guarantee encryption-at-rest for key storage? What about 3rd party master encryption keys?
We'd love to have you as a customer! We don't store any plaintext secrets. Passwords are bcrypted and public keys can safely be public. If I misunderstood your question or if you want a more in-depth answer, please drop me a line: aren@.
At JumpCloud, we do guarantee encryption-at-rest for key storage, we use PBKDF2 for hashing. Can I ask what you're looking for that JumpCloud doesn't offer? Google Apps and LDAP/RADIUS are right up our alley!
This is similar to https://www.meldium.com/, a team password manager that helps with user permission management. It's a problem I've been waiting for someone to successfully solve. Good luck!
P.S. Showed this to another YC startup and they want to try it.
I worked at OneLogin and always lamented that we didn't care about managing engineering-level access at all, esp since that was actually my job at OneLogin. Definitely impressed with some of what I see.
Nicely done guys for spotting the schelp blindness. I have been at many large enterprises where due to the pain of manging passwords everyone uses the exact same pass.