Home ACE Knox

Knox

Last updated on Sep 13, 2024

About Knox

Knox is American Cloud's self-hosted credential platform based off of the trusted BitWarden Password Management application. As such, Knox provides a secure means for American Cloud to share and manage sensitive data with our clients via customized organizations and vaults. Knox provides a combination of both asymmetric and asymmetric encryption that protects sensitive information as it is shared, as well as organizational policies that ensure compliance with AICPA SOC2 Type 2 / Privacy Shield, GDPR, and CCPA regulations. All logins stored on Knox reside in an encrypted vault, utilizing AES-CBC 256 bit encryption, salted hashing, and PBKDF2 SHA-256 algorithms.

Security is tantamount when it comes to credential and authentication management and American Cloud feels a solution as strong as Fort Knox is what it takes to deliver this.

Creating Account

Knox is self hosted and completely separate from BitWarden.  Please make sure to follow these steps even if you are already an active user of VaultWarden or BitWarden.  There is information later in this document that goes over connecting this account to your current BitWarden Clients and Account Switching

Invitation

When it’s necessary for Clients of American Cloud to share information such as secure logins with an engineer or vice versa an invite to join a secure Organization in Knox will be initiated.  Employees of American Cloud will never ask for login information over the phone, email, or text.

Once you have opened the email from “Knox” with the email address ([email protected]) click the “Join Organization Now” button.

Join the Organization

Important: For new user’s of American Cloud’s Knox Create a new account using the “Create Account” button.  Even if you have a current BitWarden or VaultWarden account DO NOT try to Log In, Knox is a unique Vault with its own unique Domain(knox.americancloud.io).

Master Password

After clicking the “create account” button you will be taken to the following screen.  Here you will be able to create your username and master password.

Important:  If you forget your master password it will be unrecoverable.  The only way to allow you back into the vault will be by having an Admin from American Cloud remove you from Knox completely and you will need to create a new account after being re-invited.

Logging In

When you want to log into Knox you will navigate in your web browser to: knox.americancloud.io.  There you will be able to enter your email address and your master password.  There will be instructions at the end of this document detailing how to add this domain to your bitwarden extensions and client if you are already a BitWarden user.

**

**

2FA and SOC-2 Compliance

In order to be fully SOC-2 compliant we require all users to set up two factor authentication.  If 2FA is not set up within 24 hours you will be removed from the organization.  In order to gain access to the organization you will need to set up 2FA and an Admin from American Cloud will have to re-invite you.

Along with that personal information should not be shared or stored in Knox.  We have disabled the My Vault option.  If you store any information in “My Vault” prior to joining the Organization you were invited to, it will be destroyed and unrecoverable upon joining the Organization.

Setting Up 2FA

Navigate to Account Settings once you are logged in

Choose Security from the Account Setting menu and choose a form of 2FA.  Any type of 2FA you choose will work. 

Account Switching

If you have accounts on multiple servers, for example a previous bitwarden account and now knox.americancloud.io, use the server selector drop down that is located on the login screen and select the Self-hosted menu to change the Server URL to the URL for the account.

Self-hosted domain selectorSelf-hosted domain selector

In this example, for American Cloud you would use knox.americancloud.io as the domain.