In a privileged access management system, authorized users are allowed access to privileged accounts. This simple statement raises an important question: how is that access granted? An access disclosure mechanism is a process that connects an authorized user to a privileged account in a secure, authenticated, authorized and auditable manner.
Hitachi ID Privileged Access Manager controls access by users and programs to privileged accounts on systems and applications. By default, a user who is authorized to connect to a privileged account can launch a login session directly to that account without ever seeing its password.
Display of current password values can be enabled through Privileged Access Manager policy configuration but is not normally recommended.
Access disclosure options include:
A policy defined for each set of managed systems in Privileged Access Manager determines which of these access disclosure mechanisms are available. For example, password display may be allowed for Windows workstations, since they may be inaccessible over the network, but RDP sessions with injected passwords may be mandatory on Windows servers.