Skip to main content

Hitachi ID Password Manager Screen Shots

Image:  /overview/screen-shots/win7-credential-provider-nb
(Click to enlarge)

Unlock Windows 7 user:

A Hitachi ID Password Manager credential provider can be installed on Windows Vista and Windows 7 workstations. This adds a UI element, shown here, which users can click to access self-service password reset and/or unlock right from the login screen.

Image:  screen-shots/xp-gina-extension-nb
(Click to enlarge)

Unlock Windows XP user:

A Password Manager service can be installed on Windows XP computers which dynamically adds UI elements to dialogs on the login screen. In this example, Windows displays a locked-out message and Password Manager adds a link to the native dialog which launches the self-service UI. Note that a GINA DLL is not installed here - this is a much safer technology than alternatives.

Image:  screen-shots/ska-login-nb
(Click to enlarge)

Unlock user - no client software:

Using a domain-level secure kiosk account (SKA) access to SSPR can be extended to locked out users without deploying any software on user PCs. In this example, user PCs did get a "light touch" - a replacement wallpaper image was pushed out using a group policy object, which includes the corporate logo and instructions for users who forgot their password.

Image:  screen-shots/authenticate-security-questions
(Click to enlarge)

Authenticate with security questions:

Users who forgot their password can authenticate by correctly answering security questions. Multiple sets of questions may be presented to the user, with a random selection of the user's security questions in each one.

Image:  screen-shots/pss-password-change
(Click to enlarge)

Choose a new password:

Users choose a new password using a friendly UI that explains the password policy and displays a list of systems where the new password will be applied.

Image:  screen-shots/pss-change-results
(Click to enlarge)

Immediate feedback:

Password Manager shows the user which password changes succeeded and which (if any) failed. In the event of a problem, users can see the error code and may ask Password Manager to keep trying and send them an e-mail when the password in question is finally changed. Behind the scenes, e-mails can be sent and help desk ticket created.

Image:  screen-shots/qa-enrollment-2
(Click to enlarge)

Enrollment - security questions:

Password Manager includes a sophisticated system for inviting users to complete their profiles of security questions. Besides a registration screen (shown here) there is a mechanism to send invitation e-mails, automatically launch the user's web browser to the enrollment page and more.

Image:  screen-shots/alias-enrollment-2
(Click to enlarge)

Enrollment - login IDs:

The managed enrollment system extends beyond security questions. For example, users with different login IDs on different systems can be asked to "claim" those IDs -- attaching them to their profiles. Users are incented to do this because it helps them to synchronize passwords.

Image:  screen-shots/token-pin-reset-2
(Click to enlarge)

Token management:

Password Manager can manage more than just passwords. In this example, a user is resetting a forgotten PIN on an RSA SecurID token. Smart card PIN resets are also possible.

Image:  screen-shots/assisted-pw-reset-1
(Click to enlarge)

Help desk view:

IT support staff can use Password Manager to assist users -- resetting their passwords and or token PINs. The first step is to find the user profile for the caller, as shown here.

Image:  screen-shots/assisted-pw-reset-2
(Click to enlarge)

Assisted password reset:

Once the user's profile has been found, the support analyst can authenticate the caller -- also through the Password Manager UI before resetting and expiring the caller's password. A ticket is normally generated "behind the scenes."

Image:  screen-shots/dashboard
(Click to enlarge)


A simple dashboard shows the Hitachi ID Password Manager administrator which products are installed, how many users have been licensed, how many user profiles actually exist in the environment and the number of users who have completed every type of enrollment step (security questions, ID mapping, etc.).

Image:  screen-shots/enrollment-not-enrolled
(Click to enlarge)

Enrollment - not enrolled:

A report can be run - interactively or on a schedule with e-mail or filesystem delivery - to show how many users have not yet completed various types of enrollment steps.

Image:  screen-shots/enrollment
(Click to enlarge)


Show how many users have completed various types of enrollment steps.

Image:  screen-shots/enrollment-invited
(Click to enlarge)

Enrollment - invited:

Show how many users have been invited (typically via e-mail or popup web browser at login time) to complete various types of enrollment steps.

page top page top