Hitachi ID Password Manager Concept Animations
- Synchronize Passwords
Two versions of password synchronization are shown. Both are triggered by a user who changes his password (natively) on Windows / Active Directory:
- In the first movie, the password synchronization process is simple: a single AD DC triggers the password change, a single Hitachi ID Password Manager server is notified of the new password and a single SAP R/3 instance gets the new password for the same user.
- The second movie is a more complex (and realistic) configuration. There are two, load-balanced Password Manager servers. Password synchronization may be triggered by either of two AD DCs. This configuration means that a feedback loop is possible. The movie shows how Password Manager ensures that feedback does not happen.
- Password Reset for Locked Out Users
Users may have login problems in a variety of scenarios where they cannot launch a web browser. For example, a user at the office may have forgotten or locked out his primary Windows login password before signing into his PC. Password Manager offers a series of alternative solutions for this problem: with and without client software, for Windows XP and Windows 7. A more complex scenario is when the user is away from the office, for example at home, at a coffee shop or while visiting a customer. To address this, Password Manager can integrate with the PC's wireless network driver and the corporate VPN. A user may also have problems specifically with the VPN -- for example, a forgotten PIN for his one time password token. This can be addressed via telephony integration.
- Lotus Notes Integration
Lotus Notes ID files are a widely deployed type of public key infrastructure (PKI). This means that a simple password reset is impossible -- one must know the current password for the user's ID file before being able to set a new password. Another challenge with ID files is that copies may be stored on the user's PC, on the network or even on a USB flash drive. Password Manager addresses both of these challenges using a combination of ID file enrollment, ID file distribution and an ID file vault. Alternative technologies are illustrated in a series of movies on this page.
- Smart Card PIN Resets and Key Recovery for Full Disk Encryption Products
Users don't just have passwords. They may carry a smart card, which is unlocked by entering a PIN. Their PC may be protected using a full disk encryption program, where the user must enter a password or PIN before the operating system can boot up. Password Manager includes solutions to address login problems with these non-password technologies, as illustrated in movies on this page.
- Single Sign-on to Applications
Hitachi ID Login Manager -- a module included with Password Manager -- can automatically sign users into applications where the ID and/or password is the same as the ID/password that the user typed to sign into his Windows PC. The movie on this page shows how Login Manager first "learns" that an application uses the same credentials as Windows and then how Login Manager "injects" the correct credentials when a user launches the same application.