Skip to main content

RSA SecurID Integration - Hitachi ID Password Manager

Token Management

Users with RSA SecurID tokens can use Hitachi ID Password Manager for PIN reset or to clear forgotten PINs, to resynchronize their token clock with the RSA Authentication Manager, to enable or disable their token and to get emergency access pass-codes.

Organizations that have RSA SecurID tokens should allow users to clear or reset their PINs, resynchronize token clocks with the ACE server and enable/disable their own tokens. All of this should be accessible in a self-service facility, with password authentication.

There is no security impact to the above -- PIN resets in particular substitute one secret (a user's password) for another (the same user's PIN).

Support staff should be able to perform the same functions, after a reliable caller authentication process. Some organizations may also allow empower staff to issue emergency access numbers for users who misplaced their token and need access to infrastructure protected by token authentication.

Enabling self-service access to emergency pass codes reduces the security of tokens from two factor (hardware + PIN) to one factor (the password used to access self-service). This feature should only be enabled if token security can be safely reduced to password security.

Read More:

  • Included Connectors:
    Systems on which Password Manager can manage passwords.
  • Integrations:
    Integrations between Password Manager and other parts of an IT infrastructure.
  • Supported User Interfaces:
    Supported Password Manager user interfaces: web browser, workstation login prompt, mobile phone and telephone call.
  • Helping Locked Out Users:
    Enabling users who forgot their primary password or locked themselves out of their PC to access self-service.
  • Helping Mobile Users:
    Assisting mobile users who forgot their primary password (cached on their PC) while away from the corporate network.
  • Network architecture:
    How users, existing systems and applications and Password Manager servers interact on the network.
  • Scalability:
    How Password Manager can scale to manage passwords across millions of login IDs.
  • Mapping User IDs:
    How Password Manager maps user IDs on different systems back to their human users, both automatically and with human assistance.
  • Language Support:
    Languages supported by the Password Manager user interface.
  • Single Sign-on Without a Password Wallet:
    Hitachi ID Login Manager can automatically sign users into their applications without having to store IDs and passwords in a "password wallet."
  • Password Manager server requirements:
    Sizing, configuration and number of servers on which to deploy Password Manager.
page top page top