Mobile applications
Mobile apps are available for iOS and Android.
💡 Mobile app support is available since Passwork 4.7.0
Mobile apps allow you to access data that is stored in your Passwork.
You will be able to:
- Work with vaults, folders and passwords
- Search data
- Generate strong passwords
- Create one-time links to share passwords
- Use biometrics to authorize in the app
Future releases will add the ability to manage permissions and users, as well as auto-complete passwords in other apps.
Mobile apps connect directly to your Passwork server using an API.
💡 As part of data transfer security, apps always use HTTPS protocol and check the validity of SSL certificate on your server.
Therefore, for applications to work correctly, you need to make sure that:
- Mobile devices have access to your server (directly, via LAN or VPN)
- Your server with Passwork is configured to work via the HTTPS protocol
- You're using a valid SSL certificate issued by a trusted certificate authority
- You are allowed to use the API (an administrator can forbid usage of the API by specific users)
The applications authorization is done via a special QR-code.
- Log in to your Passwork account
- Select "Authorize mobile app" from the "Settings and Users" menu
- Passwork will prompt you to re-authenticate and enter your authorization password (and master password, if this mode is enabled in your Passwork)
- A popup with a QR code will be displayed
- Open the Passwork app on your phone and scan the QR code
- The QR code contains your Passwork host information as well as your API key.
- The app will go through authorization and you can start working
In future releases we plan to add an additional login and password authorization option.
Mobile apps do not ask for a 2FA code, as they require you to log in and authorize in Passwork in your browser (authorization in the browser will ask for a 2FA code if this mode is enabled) in order to receive the QR code.
Mobile applications check the validity of an SSL certificate when connecting to your server.
- Certificate must be issued by a trusted authority
- Certificate must be issued for your domain or IP address
- Certificate must not be expired
💡 If the application fails to verify the validity of the certificate, a connection error will be displayed when scanning the QR code
💡 We do not recommend using self-signed certificates
You can get a valid certificate in the following ways:
- Purchase a certificate from any trusted center
If you are using a VPN connection to connect to Passwork, you will also need to set up a VPN connection for the mobile app to work. You can set up a VPN-connection on your cell phones using iOS or Android tools or install special mobile VPN-clients.
When working via VPN your Passwork host can have a local IP address or a local domain name inaccessible from the Internet. To obtain a valid certificate in this case you need:
- In the DNS settings for the domain passwork.my-company.org you must specify the local IP address of your Passwork, where it is available in your VPN network
- Now with a connected VPN connection you can open passwork.my-company.org and get into Passwork accessible only from the VPN network. The server will give you a valid SSL certificate.
If you use a self-signed SSL certificate on the Passwork server, you have to add it to the trusted ones on your cell phone.
💡 Important Support for self-signed certificates is only available on iOS. The Android app does not yet support self-signed certificates.
To set up an iOS app with a self-signed certificate:
- Issue a self-signed root certificate
- Use that root certificate to issue an SSL certificate for your IP or host
- If you used a self-signed certificate without a root certificate, replace your current certificate with the new one from step 2.
- Export the root certificate in .crt format and transfer it to your iOS device
- Find the .crt file on your iOS device, and the system will ask you to install it automatically.
- Open General > About > Certificate Trust Settings. And activate your certificate in "Enable Full Trust for Root Certificates".
Paragraph | Question | Answer |
---|---|---|
Description | What are mobile apps? | Mobile apps are available for iOS and Android. |
Description | Where can you download Passwork app? | Passwork app can be downloaded from https://apps.apple.com/app/passwork-self-hosted/id1589706401 for iOS or https://play.google.com/store/apps/details?id=com.passwork.passwork_sh for Android. |
Description | What is the image in the description? | The image is a screenshot of the application interface. |
Features | What are the features of the mobile apps? | The mobile apps allow you to work with vaults, folders and passwords, search data, generate strong passwords, create one-time links to share passwords and use biometrics to authorize in the app. |
Features | What features will be added in future releases? | In future releases, the ability to manage permissions and users, as well as auto-complete passwords in other apps, will be added. |
How apps work | How do mobile apps connect to Passwork server? | Mobile apps connect directly to your Passwork server using an API. |
How apps work | What do you need to make sure for the applications to work correctly? | For applications to work correctly, you need to make sure that mobile devices have access to your server, your server with Passwork is configured to work via the HTTPS protocol, you're using a valid SSL certificate issued by a trusted certificate authority, and you are allowed to use the API. |
Authorization in applications | How is authorization in applications done? | Authorization in applications is done via a special QR-code. |
Authorization in applications | What are the steps to authorize the mobile app? | The steps to authorize the mobile app are: log in to your Passwork account, select "Authorize mobile app" from the "Settings and Users" menu, re-authenticate and enter your authorization password, a popup with a QR code will be displayed, open the Passwork app on your phone and scan the QR code. |
2FA and mobile apps | Do mobile apps ask for a 2FA code? | Mobile apps do not ask for a 2FA code, as they require you to log in and authorize in Passwork in your browser. |
Using SSL certificates | What do mobile applications check when connecting to your server? | Mobile applications check the validity of an SSL certificate when connecting to your server. |
Using SSL certificates | What are the requirements for a valid SSL certificate? | The requirements for a valid SSL certificate are that it must be issued by a trusted authority, it must be issued for your domain or IP address, and it must not be expired. |
Support of VPN-connections | How do you set up a VPN connection for the mobile app to work? | You can set up a VPN-connection on your cell phones using iOS or Android tools or install special mobile VPN-clients. |
Support of VPN-connections | What is the process to obtain a valid certificate when working via VPN? | The process to obtain a valid certificate when working via VPN is to register a 2nd level domain, issue a valid certificate for any subdomain, specify the local IP address of your Passwork in the DNS settings for the domain, configure your Passwork server to work with the certificate at the subdomain, and open the subdomain with a connected VPN connection to get into Passwork accessible only from the VPN network. |
Support for self-signed SSL certificates | What is the process to set up an iOS app with a self-signed certificate? | The process to set up an iOS app with a self-signed certificate is to issue a self-signed root certificate, use that root certificate to issue an SSL certificate for your IP or host, export the root certificate in .crt format and transfer it to your iOS device, find the .crt file on your iOS device, and activate your certificate in "Enable Full Trust for Root Certificates" in General > About > Certificate Trust Settings. |
Using SSL certificates | What are the consequences of failing to verify the validity of an SSL certificate when connecting to the server? | If the application fails to verify the validity of the certificate, a connection error will be displayed when scanning the QR code. |
Using SSL certificates | Why is it not recommended to use self-signed certificates? | Self-signed certificates are not recommended because they are not issued by a trusted certificate authority, and mobile apps may not support them. |
Using SSL certificates | What are the ways to get a valid SSL certificate? | The ways to get a valid SSL certificate are to purchase it from any trusted center, use a service like Cloudflare which provides free certificates, or generate or get a free valid certificate from Let's Encrypt. |
Support of VPN-connections | What is the purpose of specifying the local IP address of your Passwork in the DNS settings for the domain when working via VPN? | The purpose of specifying the local IP address of your Passwork in the DNS settings for the domain when working via VPN is to obtain a valid SSL certificate that covers the subdomain used to access Passwork. |
Support for self-signed SSL certificates | Why is support for self-signed certificates only available on iOS? | Support for self-signed certificates is only available on iOS because the Android app does not yet support them. |
Support for self-signed SSL certificates | | |