Hitachi ID Password Manager: Enrollment, password reset and password synchronization

Uploaded on

Hitachi ID Password Manager: …

Hitachi ID Password Manager:

Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications

Integrated credential management for users:
passwords, encryption keys, tokens, smart cards and more.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. 1 Hitachi ID Password Manager Managing the User Lifecycle Across On-Premises and Cloud-Hosted ApplicationsIntegrated credential management for users:passwords, encryption keys, tokens, smart cards and more. © 2012 Hitachi ID Systems, Inc.. All rights reserved. 1
  • 2. Slide Presentation2 HiPM Animated DemonstrationThe following animations illustrate core Hitachi ID Password Manager user interfaces and processes: • Security question enrollment: • SSPR with GINA Extension: – A user authenticates and – A locked out user resolves his own completes his personal profile of problem, from the login prompt, questions and answers. using a GINA extension. • Alias enrollment: • SSPR with Vista credential provider: – A user attaches non-standard login – A locked out user resolves his own IDs to his profile. problem, from the login prompt, • Password expiration: using a Windows Vista credential provider. – A user is invited, via e-mail, to • Assisted password reset: change soon-to-expire passwords. • Self-service password reset (SSPR) – A help desk analyst signs in with an using Secure Kiosk Account: RSA SecurID token and resets a caller’s password. – A locked out user resolves his own • PIN Reset for an RSA SecurID token: problem, from the login prompt, without client software deployment. – A user resets his RSA SecurID token PIN with HiPM.3 Locked out Windows 7 user resets own passwordAnimation: ../pics/camtasia/psynch-2/win7-credential-provider.cam4 Locked out Windows XP user resets own passwordAnimation: ../pics/camtasia/psynch-2/ © 2012 Hitachi ID Systems, Inc.. All rights reserved. 2
  • 3. Slide Presentation5 Locked out Windows user resets own password (no software foot- print)Animation: ../pics/camtasia/psynch-2/4-password-reset-ska.cam46 Enrollment of security questionsAnimation: ../pics/camtasia/psynch-2/1-qa-enrollment.cam7 Enrollment of non-standard login IDsAnimation: ../pics/camtasia/psynch-2/2-alias-enrollment.cam8 RSA SecurID Self Service Token SupportAnimation: ../pics/camtasia/psynch-2/8-rsa-token-reset.cam9 Reminder to change passwordsAnimation: ../pics/camtasia/psynch-2/ © 2012 Hitachi ID Systems, Inc.. All rights reserved. 3
  • 4. Slide Presentation10 Assisted Password ResetAnimation: ../pics/camtasia/psynch-2/7-password-reset.cam11 Unlocking Windows Users Approach Pros Cons Do nothing (call help desk). Zero setup. Zero benefit. Domain secure kiosk account. Easy setup. No client Generic, no password domain software. account. Personalized SKA accounts. No "guest" domain account. Lots of specialized domain accounts. Local secure kiosk account. No "guest" domain account. Client software deployment. GINA wrapper DLL; Vista More user friendly. Risk of workstation damage if Credential Provider improperly installed. Local software + dedicated Enables password reset for Client package, at least to VPN. mobile or at-home users who mobile. are locked out. IVR access. Simple setup, no client Cannot manage local software. passwords. Users don’t want to talk to a machine. © 2012 Hitachi ID Systems, Inc.. All rights reserved. 4
  • 5. Slide Presentation 12 HiPM Benefits Cost Savings Improved Security Synchronization: Eliminates 60% to Policy: Enforce 50+ 90% of password password rules, problems. globally. Self service reset: When adopted by Synchronization: Fewer written 40% to 70% of passwords. users, diverts Authentication: Block social problem resolution engineering attacks away from the help on the help desk. desk. Delegation: Eliminate admin Assisted reset: Shortens remaining passwords at help password reset HD desk. calls by 50% or Accountability: Log all more, to about 1 authentications, minute/call. password changes. PIN reset: Users can resolve Encryption: Protect sensitive their own SecurID data on disk and problems. network. 13 Summary An integrated solution for managing credentials: • Immediate security benefit: password policy, help desk caller authentication. • Low deployment cost, minimal ongoing investment, significant IT support savings. • Always accessible: – Web browser on PC, phone or tablet. – Windows login prompt. – Pre-boot encryption password prompt. – Phone call / IVR. – Available at work and while off-site. • 110+ connectors included. Learn more at, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: File: Date: March 1, 2012