Skip to main content

White Papers

arrowFrequently Asked Questions
arrowMobile Access and Byod
  • Secure Architecture for Mobile Device Access to On-Premise Applications:
    This document introduces a technical architecture that enables applications installed on mobile phones and similar devices to access security-sensitive applications deployed inside a private corporate network perimeter. The mobile devices may be personal (i.e., "BYOD") or corporate owned/managed, but it is assumed that they are neither wirelessly attached to the corporate network nor necessarily able to establish a virtual private network (VPN) link.
arrowPassword Management Basics
  • Choosing Good Passwords:
    A plain-language guide, suitable for sharing with end users, to security threats posed by password cracking software and how to apply good password rules to prevent security compromises.
  • Password Reset for Locked Out Users:
    An objective comparison of alternate strategies to addressing the problem of helping users that forgot their initial network login password.
  • Defining Enterprise Identity Management:
    Identity management is a much used term that refers to a set of technologies intended to manage a basic problem: information about the identity of employees, contractors, customers, partners, customers and vendors is distributed among too many systems, and is consequently difficult to manage. This document defines the components of enterprise identity management technologies. It describes the underlying business problem of managing user identity information on a variety of systems. It then defines identity management in the context of this problem, and describes technologies used to manage user identities effectively in the enterprise.
arrowPassword Management Best Practices
  • Self-Service, Anywhere™:
    This document explains how Hitachi ID Password Manager addresses the login problems experienced by mobile users with full disk encryption, cached credentials, smart phones, smart cards and tokens.
  • From Password Reset to Authentication Management:
    The evolution of password management -- from simple password reset to enterprise-scale management of all credentials.
  • Password Management Best Practices:
    Best practices for enterprise password management. Classifies security threats and discusses practical strategies to counter password guessers, packet sniffers, sticky notes and more.
  • Password Policy Guidelines:
    Guidelines for secure password management, including policy on composition, transmission and expiration of passwords.
  • Challenge/Response Authentication:
    Constructing secure, usable policies for authenticating users who forgot their password by asking them to answer a series of security questions.
  • Password Reset for Locked Out Users:
    An objective comparison of alternate strategies to addressing the problem of helping users that forgot their initial network login password.
  • Password Manager Deployment Best Practices:
    This document outlines best practices for designing, installing and rolling out Password Manager to an enterprise-scale user population.
  • Password Management Project Roadmap:
    A roadmap for password management projects, starting with a needs analysis, through requirements and product selection, and including deployment and ongoing management of the system.
  • Integrating Password Management with Single Sign-On:
    Learn about where password synchronization, password reset and single sign-on interact and how/why they should be integrated.
arrowPassword Manager Product Literature
arrowSpecial cases and advanced topics
  • Locking Down a Password Manager Server:
    It is important to protect both the Password Manager server and the data it stores. This document describes how.
  • Password Management for Mobile Users:
    Managing passwords for mobile users is more challenging than managing passwords to network-attached users. Challenges include managing local passwords on thousands of workstations, coping with cached credentials and supporting mobile users who forgot their initial workstation sign-on password.
  • Password Management for ISP Subscribers:
    As ISPs scale to hundreds of thousands and millions of end customers, the cost to support repetitive problems such as password resets rises to significant levels, reaching millions of dollars annually. This document describes password management specifically for ISPs.
  • Password Manager Security Analysis:
    Password Manager impacts authentication processes and standards. This document describes this impact, and how to ensure that it is a positive change. Password Manager is also a sensitive part of an organizations IT infrastructure, and consequently must be defended by strong security measures. The technology used by Password Manager to protect against intrusions, as well as best practices to deploy that technology, are described here.
  • Using Password Manager to Help with Application Migrations:
    This document describes a number of ways in which Password Manager can be used to ease migrations from one system or directory to another.
  • Password Manager Telephony Integration:
    This document outlines how Password Manager can be integrated with an interactive voice response (IVR) system, to enable self-service password reset from a telephone, self-service token management from a telephone and active enrollment of biometric voice print samples.
  • Managing Lotus Notes ID File Passwords Using Password Manager:
    Managing Lotus Notes ID file passwords presents some unique and complex challenges. This document provides an overview of these challenges, and the various ways in which they can be addressed using Password Manager.
page top page top