Module – Credential Rotation
12Port Privileged Account Managment
Secure Password and Key Management
Privileged Account Management is a module of our 12Port Zero Trust Platform, purpose-built to automate, secure, and enforce policies around privileged credentials. From passwords and SSH keys to complex secret rotation workflows, Privileged Account Management delivers precision control and compliance without adding friction to your operations.
12Port Privileged Account Management
Secure Password and Key Management for Every Use Case
Privileged Account Management simplifies how you manage and protect shared account credentials and private keys across your organization. Whether users need access to known passwords or credentials must remain hidden, Privileged Account Management supports both self-service and administrative workflows.
- Automated password reset for shared accounts with known credentials.
- SSH key rotation with automated public key updates on remote endpoints.
- Support for custom password requirements and XKCD-style passphrases.
- Full SSH key specification enforcement (packaging, algorithm, key strength).
- Credential injection and password updates by shadow accounts, without exposing secrets.
Security starts at the credential level. Privileged Account Management makes it automated, consistent, and policy-driven.
12Port Privileged Account Management
Centralized Secret Requirements with Inheritance and Override
With Privileged Account Management, you can enforce robust, organization-wide rules for how credentials and keys are created, stored, and rotated; and still maintain flexibility across departments and assets.
- Define password and SSH key complexity requirements by:
- Length, character types, special characters
- Algorithm type (RSA, EdDSA, Ed25519, ECDSA)
- Packaging format (PEM, OpenSSH, PuTTY)
- Enforce password standards consistently across all accounts and infrastructure assets.
- Apply policies at the space(site) level, user directory, asset type, or asset.
- Inherit rules down the hierarchy with the option to uniquely override at any level.
Govern your credential standards from the top down with fine-grained control where needed.
12Port Privileged Account Management
Automated Credential Rotation, On Schedule or On Event
Credential security shouldn’t be manual. Privileged Account Management makes it easy to automate password and key rotation on a schedule or in response to system events.
- Cron-based scheduling for regular rotation.
- Event-based triggers, such as after-update or credential unlock.
- Rotation jobs for accounts on:
- Windows, Microsoft Active Directory, Linux, Unix, Solaris, AIX, IBM i, Entra ID and others
Whether you’re rotating passwords daily or only after use, Privileged Account Management adapts to your risk and compliance requirements.
12Port Privileged Account Management
Intelligent Job and Task Automation with Script Libraries
Privileged Account Management goes beyond credential management by automating tasks across your infrastructure. Use our scripting engine to standardize operations, enforce post-session cleanup, or configure remote systems.
- Script libraries support SSH, WinRM and other protocols.
- Scripting in Shell, PowerShell, and Groovy, with reusable components.
- Support for batch and standalone script executions.
- Custom script handlers and interactive script execution.
- Trigger scripts by event or time using flexible cron scheduling.
With Privileged Account Management, privileged account operations become reliable, repeatable, and audit-ready.
12Port Privileged Account Management
Full Integration with Windows and Unix Systems
Privileged Account Management supports seamless remote task execution across both Windows and Unix systems with credential injection, account type support, and parser options for structured output.
Windows Remote Process Interface:
- WinRM and secure WinRMs support
- Local, domain, gMSA, sMSA, and LAPS account types
- NTLM, Basic, or Kerberos authentication
- Output parsers: Text or Object Model
Unix Remote Process Interface:
- SSH support with user/password or private key authentication
- Key formats: PEM, OpenSSH, PuTTY
- Algorithms: RSA, EdDSA, Ed25519, ECDSA
Whether you’re running a remote command, applying patches, or validating a task, Privileged Account Management executes securely and with full control.
12Port Privileged Account Management
Comprehensive Audit Trail with Job and Event Reporting
Privileged Account Management gives your team complete visibility into what happened, when, and why across every credential and job execution.
- Job reports with full execution logs and detailed results.
- Event reports for all scheduled or triggered actions.
- Role-based task permissions and job tracking.
- Hierarchical task inheritance with override support for asset types and individual assets.
Be ready for audits, internal reviews, or incident response with confidence and traceability.
12Port Privileged Account Management
Peer Node Configuration and Task Scalability
Just like your infrastructure, Privileged Account Management is built to scale. With support for distributed peer nodes and isolated environments, task execution and credential operations can be extended to every corner of your network.
- Run jobs on remote peer nodes in air-gapped or isolated networks.
- Configure peer nodes at the space(site), container, or asset level.
- Enable load balancing across multiple peer nodes for performance and high availability.
- Inherit or override configurations for flexibility.
No matter how complex or segmented your environment, Privileged Account Management ensures secure credential and task management everywhere.
Why Account Management Is Essential for PAM
12Port Privileged Account Management is your command center for privileged credential management. It combines secure password and key handling with powerful task automation and policy enforcement.