Hitachi ID Password Manager Concept Animations
- Synchronize Passwords
Two versions of password synchronization are shown. Both are triggered by a
user who changes his password (natively) on Windows / Active Directory:
- In the first movie, the password synchronization process is simple: a single
AD DC triggers the password change, a single Hitachi ID Password Manager server is notified
of the new password and a single SAP R/3 instance gets the new password
for the same user.
- The second movie is a more complex (and realistic) configuration.
There are two, load-balanced Password Manager servers. Password
synchronization may be triggered by either of two AD DCs. This configuration
means that a feedback loop is possible. The movie shows how Password Manager ensures
that feedback does not happen.
- Password Reset for Locked Out Users
Users may have login problems in a variety of scenarios where they cannot launch
a web browser. For example, a user at the office may have forgotten or locked out
his primary Windows login password before signing into his PC. Password Manager offers
a series of alternative solutions for this problem: with and without client software,
for Windows XP and Windows 7. A more complex scenario is when the user is away
from the office, for example at home, at a coffee shop or while visiting a customer.
To address this, Password Manager can integrate with the PC's wireless network driver and
the corporate VPN. A user may also have problems specifically with the VPN --
for example, a forgotten PIN for his one time password token. This can be
addressed via telephony integration.
- Lotus Notes Integration
Lotus Notes ID files are a widely deployed type of public key infrastructure (PKI).
This means that a simple password reset is impossible -- one must know the current
password for the user's ID file before being able to set a new password. Another
challenge with ID files is that copies may be stored on the user's PC, on the
network or even on a USB flash drive. Password Manager addresses both of these challenges
using a combination of ID file enrollment, ID file distribution and an ID file
vault. Alternative technologies are illustrated in a series of movies on this page.
- Smart Card PIN Resets and Key Recovery for Full Disk Encryption Products
Users don't just have passwords. They may carry a smart card, which is unlocked
by entering a PIN. Their PC may be protected using a full disk encryption program,
where the user must enter a password or PIN before the operating system can boot
up. Password Manager includes solutions to address login problems with these non-password
technologies, as illustrated in movies on this page.
- Single Sign-on to Applications
Hitachi ID Login Manager -- a module included with Password Manager -- can automatically sign users into
applications where the ID and/or password is the same as the ID/password that the
user typed to sign into his Windows PC. The movie on this page shows how Login Manager
first "learns" that an application uses the same credentials as
Windows and then how Login Manager "injects" the correct credentials when
a user launches the same application.