Features Password Synchronization Web Browser Password Synchronization
Hitachi ID Facebook Page Hitachi ID Twitter Page Find us on Google+ Hitachi ID YouTube Page

Web Browser Password Synchronization - Hitachi ID Password Manager

(1)Users can change some or all of their passwords using a Hitachi ID Password Manager web interface. The password policy is clearly explained on-screen and enforced interactively.

Using an interactive web page to change passwords has educational benefits but requires user awareness and cooperation.

Process

Password change and/or synchronization from a web browser works as follows:

  1. User: decides to change his password(s) or has been prompted to by e-mail or a "web pop-up" during the login process.

  2. User: manually or automatically opens a web browser, navigates through the Intranet to the Password Manager application.

  3. Password Manager web server: asks the user to type his network login ID.

  4. User: types his network login ID.

  5. Password Manager web server: asks the user to type his current NOS password.

  6. User: types his current password.

  7. Password Manager web server: validates the password against the indicated system.

    ... repeat if authentication failed, lockout if too often.

  8. Password Manager web server: asks the user to enter a new password.

  9. User: types a new password, selects some or all accounts.

  10. Password Manager web server: validates password quality, possibly returns the user to previous step.

  11. Password Manager web server: resets the password on selected systems to the new value.

  12. Password Manager web server: displays a status page to the user.

  13. Password Manager web server: creates a ticket on an incident management system.

  14. Password Manager web server: sends the user a confirmation e-mail.

User Notification

Users do not normally volunteer to change their own passwords. A process for reminding users to periodically change their passwords is described here.


Watch a Movie

Reminder to change passwords


Play movie

Content:

  • A user is reminded, via e-mail, to change passwords.

Key concepts:

  • Users never volunteer to change passwords.
  • Mobile users are not reminded to change passwords by Windows, so an e-mail helps them avoid lockouts.
  • An interactive web UI can educate users about password policy and in-scope systems, so is often preferable to the Windows "Ctrl-Alt-Del" UI.