MYKI For Teams FAQ
What is MYKI for Teams?
MYKI for Teams is an enterprise focused version of MYKI that allows enterprises to secure and manage their internal passwords, share passwords between team members and create rules that improve password security across the organization. MYKI keeps the enterprive vault stored locally across enterprise devices and doensn't use the cloud to store passwords.
What are the advantages of using MYKI for Teams over other enterprise password managers?
MYKI for Teams stores your company's data offline (locally) and seamlessly syncs that data in a P2P manner across enterprise devices. MYKI for Teams offers the same level of convenience that cloud-based enterprise password managers offer without the security implications of storing data in a centralized location on cloud servers.
As an admin, can i access a user's personal passwords?
No, every user has by default a personal vault that is completely segregated from the enterprise vault. Items in a user's personal vault are stored in a different database altogether that company admins cannot have access to as it is stored locally on the user's device.
How is the data relayed between admins in the company?
Every MYKI user has an RSA2048 public/private key pair. The public key ledger of all users and admins in the company is synced between admins. Whenever an admin wants to sync data with another admin, the sending admin signs and encrypts that data using the public key of the receiving admins and transmits it to the other admin's devices. The receiving admin verifies the digital signature and proceeds to decrypt the message.
How are passwords shared with users in the company?
Similar to the way data is relayed between admins, admins are able to use the public key of any user in the company in order to encrypt passwords and relay them to these users. The receiving user verifies that the message is legitimate by verifying the digital signature of the admin before decrypting the message containing the passwords.
What happens if MYKI servers get hacked?
MYKI servers do not hold any passwords or sensitive data which means that there is no situation in which hackers can compormise user passwords by accesing our servers. A complete, catastrophic compromise of MYKI servers can only result in a temporary interruption of the connection between users in the company. Users will still be able to access their accounts while we restore access to the servers as the credentials are stored locally.
Where does MYKI for Teams store the company's passwords?
Passwords are stored on any MYKI-enabled device that you enroll in your company. Admin devices store the complete MYKI Vault. User devices store passwords that are assigned specifically to the users in question. This means that users only have physical access to items that they are elligible to access.
Where are backups stored?
MYKI for Teams stores encrypted enterprise backups on every admin endpoint. This means that multiple company admins that own multiple endpoints (computer, smartphone, tablet) will each maintain a backup on every device diversifying your backup locations which considerably reduces the risk of data loss. We also offer dedicated MYKI Backup Servers that you can host on-premise or on private clouds that can be deployed on all popular operating systems with minimal effort.
Can we import passwords from an external source (file, password manager or directory)?
Yes, MYKI supports a wide variety of import sources. Examples include CSV files, Google Cloud, Microsoft Azure AD and competing password management solutions such as Lastpass, Dashlane, 1Password, Bitwarden and Keeper.Import steps are outlined during the onboarding process and can also be found at support.myki.com.
Can we export our data out of MYKI?
Yes, MYKI supports exporting all of your data in CSV format. We are against user lockdown habits.
Can MYKI sync with Microsot Azure AD and/or Google Cloud?
Yes, you can sync users, passwords and groups. MYKI also enables one-click email creation and password resets from within the portal.
Loss of device
What happens if a user loses his device?
Admins in the company can revoke access which wipes the vault on lost devices. Admins can also re-invite the user to join the company using his new device.
What happens if an admin loses his phone?
Admins can wipe the vault of other admins and re-invite them to the company. In the case where a single admin exists in the company, that admin can restore his access using a MYKI Backup file that is automatically created on any other device the admin has MYKI installed on. Companies using MYKI Backup Servers can also restore access to admins from these backup servers.
Functionnality and Features
Can users add passwords to the company vault?
Yes, users can assign items to the company vault from within the MYKI apps and extensions. By default, assigned items need to be approved by company admins before being permanently incorporated into the enterprise vault. The user keeps access to the item that was assigned to the company but the item is now owned by the company which means that MYKI admins can make changes to the fields and to the assignment rules of that item.
Can i assign a password to more than one person?
Yes, any item in the MYKI Vault can be assigned to more than one user. Users can also be added to groups in order to simplify bulk actions.
Can i audit the password strength of users in the company?
Yes, MYKI offers several reporting options amongst which is a Password Strength Dashboard that displays the overall strength of your organization based on the strength of passwords stored in the vault. You can filter these reports to identify specific weak passwords and users that are using these weak passwords.
What are user groups?
A user group is a set of people who have joint interests, goals or roles. A group can be devoted to a particular function, technology, application or corporation. MYKI admins can create user groups and add users to these groups. Items, Item Folders and Security Policies can then be assigned to these groups which will result in having every user in the group be affected by the assignment.
What are item folders?
An item folder is a group containing passwords, cards and/or notes. Item folders can be shared with one user or with a group. You can also apply security policies and rules to item folders.
What are security policies?
A security policy is an adaptive behavioral constraint that you can apply to users, items and groups that enforces additional security mechanisms on your organization. Security policies include location-based rules, time-based rules and IP-based rules.
Can i setup 2FA on accounts in the MYKI Portal?
Yes. The portal supports adding 2FA secrets to items by pasting the secret into the portal. This enables MYKI to auto-fill the 2FA token of that specific account in the browser.
Can 2FA enabled passwords be shared with multiple users?
Yes, passwords that have 2FA enabled can be shared with users, groups and can also be added to item folders which allows users to collaborate using the same credentials while they have 2FA enabled. This is a big advantage that is made possible by the unique decentralized architecture of MYKI.
Can MYKI auto-fill 2FA tokens on behalf of our users?
Yes, adding the 2FA secret to items stored in MYKI allows MYKI to auto-fill the 2FA token in the browser.