Password Synchronization with Hitachi ID Password Manager
Password synchronization is any process or technology that helps users to maintain a single password, subject to a single security policy, across multiple systems.
Password synchronization is an effective mechanism for addressing password management problems on an enterprise network:
- Users with synchronized passwords tend to remember their passwords.
- Simpler password management means that users make significantly fewer password-related calls to the help desk.
- Users with just one or two passwords are much less likely to write down their passwords.
There are two ways to implement password synchronization:
- Transparent password synchronization, where native password changes that already take place on a common system (for example, Active Directory) are automatically propagated through the password management system to other systems and applications.
- Web-based password synchronization, where users are asked to change all of their passwords at once, using a web application, instead of continuing to use native tools to change passwords.
One of the core features of Hitachi ID Password Manager is password synchronization.
Password Manager implements both transparent and web-based password synchronization.
Scope of Password Synchronization
By default, users can select which of their target systems or accounts are to be included in a password update / synchronization. Users may synchronize passwords on some or all of their systems with a new password value.
Some accounts can be administratively removed from the synchronization process by moving them to a separate instance with a shared password history database (so that password reuse is prevented).
Some users and accounts can be administratively removed from Password Manager, to take them entirely out of password management scope. This can be done by specifying individual login IDs, wild-card patterns, or group membership on target systems.