Hacker News new | ask | show | jobs
Foxpass (YC S15) helps companies manage employee access to internal systems (venturebeat.com)
47 points by aren 3975 days ago
5 comments
aren 3975 days ago
Foxpass started here as a "Show HN" back in February (https://news.ycombinator.com/item?id=9039027) and now we're part of the current batch.

Would love your feedback and of course I'm happy to answer any questions!

link
rubiquity 3975 days ago
You and your team must be saints. This is arguably one of the most boring and monotonous problems to solve. Good luck!
link
skuhn 3975 days ago
Every technical problem is boring and monotonous to somebody, the trick is to find someone who can get interested in it and pay them to deal with it.

With any luck I'll be paying Foxpass to solve this one for me in the near future.

link
aren 3975 days ago
But oh-so-important!
link
andrewjb 3975 days ago
Looks like it would save a lot of headaches. Any plans to integrate with other options for authentication outside of Google Apps?
link
aren 3975 days ago
Yep! Foxpass already integrates with SSO providers like Okta and OneLogin, and soon we'll add support for Office 365.
link
lchengify 3975 days ago
Currently we're using JumpCloud, prior to that we used OneLogin before they had a ton of outages.

Would love to switch to you guys, since integrating with Google Apps as an LDAP/RADIUS server is our one-and-only use case.

Question: Do you guys guarantee encryption-at-rest for key storage? What about 3rd party master encryption keys?

link
aren 3975 days ago
We'd love to have you as a customer! We don't store any plaintext secrets. Passwords are bcrypted and public keys can safely be public. If I misunderstood your question or if you want a more in-depth answer, please drop me a line: aren@.
link
jcjames 3974 days ago
At JumpCloud, we do guarantee encryption-at-rest for key storage, we use PBKDF2 for hashing. Can I ask what you're looking for that JumpCloud doesn't offer? Google Apps and LDAP/RADIUS are right up our alley!
link
welder 3975 days ago
This is similar to https://www.meldium.com/, a team password manager that helps with user permission management. It's a problem I've been waiting for someone to successfully solve. Good luck!

P.S. Showed this to another YC startup and they want to try it.

link
justizin 3975 days ago
I worked at OneLogin and always lamented that we didn't care about managing engineering-level access at all, esp since that was actually my job at OneLogin. Definitely impressed with some of what I see.
link
ismail 3975 days ago
Nicely done guys for spotting the schelp blindness. I have been at many large enterprises where due to the pain of manging passwords everyone uses the exact same pass.
link