Support · Security · Lifecycle

Support, Security Updates and Lifecycle

On this page you will find public information on supported versions, security updates, security contact and secure decommissioning of Password Depot.

Security Contact Security Advisories
Supported Versions Security Updates Security Contact Secure Decommissioning
Scope

Scope

This page applies to Password Depot, Password Depot Enterprise Server as well as associated clients, extensions and product-related services, insofar as they are provided or maintained by AceBIT.

It does not apply to custom developments, unreleased pre-release versions or customer-modified operating environments, unless expressly agreed otherwise.

Applies to

  • Password Depot (Desktop, Mobile, Browser)
  • Password Depot Enterprise Server
  • Associated clients and extensions
  • Product-related services by AceBIT
Versions & Support

Supported Versions and End of Support

For supported versions, we provide security-relevant fixes, update guidance and – where required – migration information.

Security Support

Security-relevant fixes or other appropriate remediation measures for supported versions.

Maintenance Support

Bug fixes, compatibility updates and regular maintenance releases within the scope of the respective supported version.

End of Support

After end of support, we generally no longer provide further security or maintenance updates for the affected version.

Information on version changes, end-of-support dates or required migrations is published in release notes, product information or provided on request.

Security Updates

Security Updates and Guidance

We communicate security-relevant fixes via product information, release notes and – where a public security advisory is appropriate or required – additionally through our Security Advisories.

Install security-relevant updates promptly after their release.
If an immediate update is not possible, we provide – where practicable – guidance on workarounds or mitigations.
The available update paths for your installation depend on the product, version and deployment type.

Security Advisories

We transparently publish confirmed and resolved vulnerabilities through our Security Advisories.

View Advisories
Best Practices

Secure Operation

For the operation of Password Depot, we particularly recommend:

Use a supported and up-to-date product version
Restrict administrative access to authorised personnel only
Protect credentials, recovery information and export files with particular care
Regularly review roles, permissions and access grants
Follow product-related release notes and security-relevant guidance
Contact

Security Contact

If you would like to report a security-relevant incident, a specific suspicion or a security-related issue in connection with your use of Password Depot, please use the following contact channels:

Contact Channels

Security Contact
security@password-depot.de
General Contact
info@password-depot.de

Please provide the following information where possible

  • Organisation and reachable contact person
  • Affected products, versions and deployment type
  • Brief description of the incident or suspicion
  • Known impact and perceived urgency
  • Relevant timestamps as well as available logs, screenshots or error messages
  • Immediate measures already taken
Lifecycle

Decommissioning and Data Removal

If you wish to decommission or replace an installation, the process should be planned and documented.

1

Review Data and Backups

Determine which data, backups, logs and recovery information are still required.

2

Remove or Archive Data

Remove or archive local data stores, configuration files and export files in accordance with your internal policies.

3

Clean Up Credentials and Keys

Delete or secure credentials, service accounts, key material and certificates that are no longer needed.

4

Review Connected Services

For server or multi-user installations, connected services, background processes and technical dependencies should also be decommissioned in a controlled manner.

If you need product-specific guidance on decommissioning, our support team can assist within the scope of the available product documentation and your agreements.

Scope Delimitation

New or suspected product vulnerabilities from security research should be reported via the Vulnerability Disclosure Policy (VDP).
Confirmed and resolved vulnerabilities are published through our Security Advisories.
This page contains public information on security-relevant support, updates, lifecycle and security contact.
View VDP Security Advisories