Storing passwords in AzureKeyVault is equivalent to Password Manager?

Tariq Younas 41 Reputation points
2022-02-24T09:39:58.507+00:00

We were using a tool Keepass to store the passwords of VMs. I can see Azure Key Vault is for this purpose in Azure but question is "Is this same like Keepass or 1Password"? How admin can retrieve password on demand against the VM name?

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,327 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JamesTran-MSFT 36,656 Reputation points Microsoft Employee
    2022-02-25T22:53:53.527+00:00

    @Tariq Younas
    Thank you for following up with this!

    When it comes to a feature similar to KeePass that can be used for login purposes, this'll be our Microsoft Authenticator App. The Microsoft Authenticator is an app that helps you sign into your accounts when you're using two-factor authentication. With the Authenticator app you can require a password along with your fingerprint, face recognition, or PIN. For more info.

    When it comes to the Azure Key Vault side of things, you can definitely use it to store and retrieve passwords. I'll share some links below to hopefully help point you in the right direction.
    Azure Disk Encryption - This'll be used at the VM level where each time the VM starts/stops the VM will retrieve a Secret for decryption purposes.
    Tutorial: Use a managed identity to connect Key Vault to an Azure web app in .NET
    How to Use Azure Key Vault With an Azure Web App in C#

    For your specific scenario of retrieving a password on-demand when accessing a VM, we currently don't have a feature outside of the Microsoft Authenticator app to do this. However, if the above features aren't what you're looking for, I'd recommend leveraging our User Voice forum and creating a feature request, so our engineering team can look into implementing this. I can also create an internal feature request, so our engineering team is aware of this as well.

    Additional Links:
    Login to Windows virtual machine in Azure using Azure Active Directory authentication
    Authentication to Key Vault in application code
    Azure Key Vault developer's guide
    Key Vault authentication options
    The Key Vault request operation flow with authentication
    Azure Key Vault REST API reference

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.