Justification to view password

Our company policy requires justification to use some account. For this reason it would be nice if you click the eye to view the password you first have a text field that you need to fill in with for example a ticket number.

Welcome to the community V1nc3n7. Are you able to clarify the nature of the issue, because the utility of your request is unclear to me?

If a person has access to use the password, and can copy it to the clipboard, then I am not sure what is gained by putting an obstacle in the way of seeing it first. How does this relate to justification to use some accounts, given it would not impede use rather than viewing?

Hi, in our ISO27001 certification, we stated that we need to have an audit trail which contains the reason for using highly privileged accounts. The reason should be filled in before someone can copy or view the password.

We are a managed service provider, and the passwords belong to a customer. Every month we create a report for the customer that contains the usage of highly privileged accounts and the reason for using them.

If somebody copies the password, makes a log entry and saves it in their own notepad, how would you track their subsequent usage? And how do you demonstrate the control effective, given this “workaround”?