Select Fine-grained controls from the Admin configurations section of the Settings tab. The majority of the restrictions, when activated, are applicable for everyone in the organization, including the admin and super admin, unless mentioned otherwise.
- Restrict users from storing personal passwords
Prevent everyone in the organization from storing personal passwords. This only allows users to store the enterprise passwords, which can be viewed when necessary using emergency access.
- Restrict users from exporting passwords
Prevent everyone from exporting any passwords they have access to, to prevent your business passwords from going outside of Zoho Vault.
- Restrict offline access
Zoho Vault allows users to download their passwords as an encrypted HTML file in order to access them offline. Enable this option to prevent everyone from exporting passwords for offline access.
- Restrict access to passwords through mobile apps
Selectively restrict people from accessing company passwords outside the office network. Enable this option to prevent everyone in the organization from accessing passwords through mobile apps.
- Restrict users from sharing passwords with outsiders
Zoho Vault allows users to share passwords temporarily with trusted third parties. Enable this option to prevent anyone in your organization from sharing passwords with outsiders.
- Allow users to paste their master password
Zoho Vault does not recommend storing or writing down the Zoho Vault master password anywhere. However, for convenience, super admins can allow their users to copy and paste their master password while logging in to Zoho Vault. Enabling this option will allow all users in the organization to copy and paste the master password.
- Hide user-defined password categories from global view
Users can create custom password categories to organize their sensitive data. Some of these categories may be irrelevant to other users. Enable this option to ensure these categories are visible only to the respective users who had created them.
- Restrict users from adding new passwords
Prevent anyone in your organization from storing any new passwords. Enable this option to allow users to view, share, and modify only the existing passwords.
- Restrict users from sharing passwords
Prevent anyone in your organization from sharing passwords. Enable this option to allow users to create, view, and modify only their own passwords.
- Store multiple URLs for a password
Enable this option to allow your users to add multiple URLs corresponding to their passwords.
Restrictions handled only by super admins
A few of the restrictions are exclusively controlled only by the admins.
Restrict users from receiving backup data when they forget their master password and reset it
Whenever users set their master password, an encrypted copy of their Zoho Vault data will be sent to their registered email address. This data can only be unlocked in the future with their old master password whenever they recollect it. You can prevent your users and admins from receiving a copy of this data by enabling this option.
Allow users to export the passwords shared with them
Zoho Vault does not recommend allowing users to exports passwords that have been shared with them. However, if the business need arises, enable this option to allow everyone from your organization to export the passwords shared with them.
Enable IP Restriction
Restrict access to your Zoho Vault account from malicious or untrusted IPs. Enforce IP restrictions to only allow users to access the application from selective IPs or IP ranges. By default, IP restrictions will be imposed on all users and admins, except the super-admin of the organization.
Disable IP Restriction for Mobile Apps
Enabling this option will allow users to access Zoho Vault's mobile applications without letting the IP restriction affect them. This is helpful when your users travel for business purposes.
Exempting specific users from restrictions
Zoho Vault allows admins and super-admins to exempt specific users from the access restrictions mentioned above:
- Access Fine-grained controls under the Admin configurations section of the Settings tab, then click Manage exemptions corresponding to the restrictions.
- Select the users to be exempted from the restriction, then click Save.
Note: You can modify this list for any restriction at any time from Manage exemptions. All modifications are captured in the Audit section in real time.