Identity Express: Password Management Edition is a reference implementation of Hitachi ID Password Manager, designed to automate user enrollment, self-service password management and IT support processes.
Identity Express: Password Management Edition requires at least an integration with Active Directory and with an e-mail system. Beyond this, every major system and application in an organization, both on-premise and SaaS, should be integrated if a significant portion of the user population signs into it with credentials specific to that system or application.
Identity Express: Password Management Edition pre-configures best practices processes and policies for:
- Strong authentication for all users, for example by sending a PIN to the user's phone or leveraging the Hitachi ID Mobile Access application on the user's phone, prior to prompting for either a password or answers to security questions.
- Automatically and actively managed enrollment, for example of security questions, mobile phone numbers or non-standard login IDs.
- Robust security policies for password complexity, password expiration and history, delegated password resets, security question formulation and more.
- Access to self-service from a PC browser, from a PC login screen, using the Mobile Access app on mobile phones and via phone call, as appropriate.
- Password synchronization, where users have multiple login accounts and passwords.
- Federated access to applications that accept SAML assertions.
- A personal password vault, both as a convenience to users and as an incentive to drive up user adoption.
- VPN integration, to enable off-site users to reset forgotten passwords that are cached locally on their PCs.
The objective of the reference implementation is to minimize initial
and ongoing configuration of the password management system -- which
lowers cost and reduces time to deploy. At the same time, two-factor
authentication, federated access and password policies strengthen
security for all users.