SlideShare a Scribd company logo

Password Synchronization

PortalGuard dba PistolStar, Inc.
PortalGuard dba PistolStar, Inc.

PortalGuard’s Password Synchronization offers a comprehensive solution which supports multiple directories including Microsoft Active Directory, Novell eDirectory, IBM System i, any LDAP v3-compliant directory and custom SQL user tables. Beyond being easy to implement and forcing user enrollment, PortalGuard enables self-service password reset, recovery and account unlock to manage forgotten passwords. PortalGuard helps reconcile any password complexity policies by enforcing a consistent set of password rules. Tutorial: http://pg.portalguard.com/server-based_password_synch_tutorial

Technology
1 of 24
Download to read offline
Understanding PortalGuard’s Server-based Password Synchronization: Managing Multiple Passwords Highlighting the Self-service Password Reset Layer of the PortalGuard Platform
By the end of this tutorial you will be able to… • How PortalGuard can help you • Understand password synch can be a midpoint between too many passwords and expensive SSO solutions • Learn about PortalGuard’s Server-based Password Synch • See the step-by-step Authentication Process • Know the technical requirements
The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications. Usability Security • Single Sign-on • Knowledge-based • Password Management • Two-factor Authentication • Password Synchronization • Contextual Authentication • Self-service Password Reset • Real-time Reports/Alerts
Before going into the details… • Configurable by user, group or domain hierarchy • Comprehensive solution supporting multiple directories • Enables self-service password reset, recovery and account unlock • Force user enrollment (optional) • Active Directory Password Filter (optional) • Cost effective and competitively priced • Easy to implement
Enterprise SSO
• Single password, single interface • Cost effective • Easier implementation • Flexible • Force enrollment • Server-based • No client-side software required • Self-service Password Reset Password Synch
The process of password synchronization… Correlates the passwords for multiple user accounts
Password Complexity Challenges Step One: Identifying Password Complexity Rules Rules differ from system to system causing a common hurdle to implementing password synch… Step Two: Change Password Rules on Systems WARNING: Microsoft AD: no maximum password length or prevent specific characters IBM System i: typically maximum length of 10 with special character limitations
Multiple Directories (including MS Active Directory, Novell eDirectory, IBM System i, LDAP v3-compliant, and custom SQL user tables ) Self-service Password Reset Real-time synch Consistent set of password rules Active Directory Password Filter
Features: • Ability to link a user’s primary account to accounts on multiple systems/directories • All password changes, resets and account unlocks through PortalGuard flow to all linked systems in real-time • Aligns password complexity rules to reduce barriers to password propagation • Requirement to link accounts is policy driven which can be specific to the user, group or domain hierarchy • Account linking can be enforced or made optional • Supports multiple user account repositories
• Password Synch - eliminate the need for users to remember different passwords • Ease of Use - manage passwords from single consistent interface • Self-service - unlock accounts and reset passwords from one place • Seamless Integration - with existing logins using “sidecar” mode • Lower Costs - reduce password-related calls and required IT support • Increased Productivity - and user adoption for new services/websites
HOW IT WORKS
How to link an account…. Step 1: the user logs into a Windows workstation or an existing internal website. PortalGuard is notified of the logon and checks its policies to see if the user: • Is required to link to an account in another directory, and • If they have yet to do so
How to link an account…. Step 2: Once the user provides the correct password, the secondary account password will be immediately synched with the primary if necessary
Step 1: The user has forgotten their password and clicks “Forgot Password?” link on the Windows logon screen or website logon page
Step 2: The user chooses to reset their forgotten password and proves their identity by correctly answering a series of challenge Q&A or entering an OTP
Step 3: The user enters a new password that satisfies all linked account systems. The PortalGuard server resets all linked accounts to use this password and unlocks the accounts as well.
Step 4: Immediate feedback is given to the user that the password reset was successful on all linked accounts.
Configurable through the PortalGuard Configuration Utility: • Password Synchronization • Password Policies: • Dictionary Words • Regular Expressions • Password History • Minimum Length • Maximum Length • Minimum: • Lowercase characters • Uppercase characters • Numeric characters • Non-alphanumeric characters • Enforce AD Complexity • Password Rule Grouping • Password Strength Meter
TECHNICAL REQUIREMENTS PortalGuard Desktop – for Windows workstations Sidecar Mode – enforce account linking on existing website AD Password Filter – enforce custom password policy for native Ctrl+Alt+Del Windows password changes
A MSI is used to install PortalGuard on IIS 6 or 7.x. This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only. • Microsoft Active Directory – Windows 2000 AD domain or later • Novell eDirectory 8.7 or later • IBM System i - V5R2 or later • Any LDAP v3-compliant directory • Custom SQL user tables • Microsoft Windows Server 2000 • Microsoft Windows Server 2003 (32 or 64-bit) • Microsoft Windows Server 2008 (32 or 64-bit) • Microsoft Windows Server 2008 R2 • Windows Terminal Services on Win2003 • Remote Desktop Services on Win2008 • IBM WebSphere/WebSphere Portal v5.1 or higher • Microsoft IIS 6.0 or higher • Microsoft Windows SharePoint Services 3.0 or higher • Microsoft Office SharePoint Server 2007 or later
THANK YOU For more information visit PortalGuard.com or Contact Us

Recommended

Self-service Password Reset
Self-service Password ResetSelf-service Password Reset
Self-service Password Reset
PortalGuard dba PistolStar, Inc.
 
single sign-on
single sign-onsingle sign-on
single sign-on
Megha Sahu
 
Overcoming the challenges of Office 365 user management in hybrid environments​
Overcoming the challenges of Office 365 user management in hybrid environments​Overcoming the challenges of Office 365 user management in hybrid environments​
Overcoming the challenges of Office 365 user management in hybrid environments​
Zoho Corporation
 
Self-service password management and single sign-on for on-premises AD and cl...
Self-service password management and single sign-on for on-premises AD and cl...Self-service password management and single sign-on for on-premises AD and cl...
Self-service password management and single sign-on for on-premises AD and cl...
Zoho Corporation
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
Shivanand Arur
 
Windows 8.1 for IT-pros - presentation from Campus days 2013
Windows 8.1 for IT-pros - presentation from Campus days 2013Windows 8.1 for IT-pros - presentation from Campus days 2013
Windows 8.1 for IT-pros - presentation from Campus days 2013
Microsoft
 
PortalGuard Product Tour
PortalGuard Product TourPortalGuard Product Tour
PortalGuard Product Tour
PortalGuard
 
CNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking AuthenticationCNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking Authentication
Sam Bowne
 

Recommended

Self-service Password Reset
Self-service Password ResetSelf-service Password Reset
Self-service Password Reset
PortalGuard dba PistolStar, Inc.
 
single sign-on
single sign-onsingle sign-on
single sign-on
Megha Sahu
 
Overcoming the challenges of Office 365 user management in hybrid environments​
Overcoming the challenges of Office 365 user management in hybrid environments​Overcoming the challenges of Office 365 user management in hybrid environments​
Overcoming the challenges of Office 365 user management in hybrid environments​
Zoho Corporation
 
Self-service password management and single sign-on for on-premises AD and cl...
Self-service password management and single sign-on for on-premises AD and cl...Self-service password management and single sign-on for on-premises AD and cl...
Self-service password management and single sign-on for on-premises AD and cl...
Zoho Corporation
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
Shivanand Arur
 
Windows 8.1 for IT-pros - presentation from Campus days 2013
Windows 8.1 for IT-pros - presentation from Campus days 2013Windows 8.1 for IT-pros - presentation from Campus days 2013
Windows 8.1 for IT-pros - presentation from Campus days 2013
Microsoft
 
PortalGuard Product Tour
PortalGuard Product TourPortalGuard Product Tour
PortalGuard Product Tour
PortalGuard
 
CNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking AuthenticationCNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking Authentication
Sam Bowne
 
Microservices and Self-contained System to Scale Agile
Microservices and Self-contained System to Scale AgileMicroservices and Self-contained System to Scale Agile
Microservices and Self-contained System to Scale Agile
Eberhard Wolff
 
Fear and Loathing of 2fa
Fear and Loathing of 2faFear and Loathing of 2fa
Fear and Loathing of 2fa
Igor Bulatenko
 
Asp.net membership anduserroles_ppt
Asp.net membership anduserroles_pptAsp.net membership anduserroles_ppt
Asp.net membership anduserroles_ppt
Shivanand Arur
 
Microservices: Architecture to Support Agile
Microservices: Architecture to Support AgileMicroservices: Architecture to Support Agile
Microservices: Architecture to Support Agile
Eberhard Wolff
 
ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web Security
SharePointRadi
 
CNIT 129S: 11: Attacking Application Logic
CNIT 129S: 11: Attacking Application LogicCNIT 129S: 11: Attacking Application Logic
CNIT 129S: 11: Attacking Application Logic
Sam Bowne
 
Difference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.netDifference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.net
Umar Ali
 
CNIT 129S: Ch 6: Attacking Authentication
CNIT 129S: Ch 6: Attacking AuthenticationCNIT 129S: Ch 6: Attacking Authentication
CNIT 129S: Ch 6: Attacking Authentication
Sam Bowne
 
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
Sam Bowne
 
Nanoservices and Microservices with Java
Nanoservices and Microservices with JavaNanoservices and Microservices with Java
Nanoservices and Microservices with Java
Eberhard Wolff
 
Data Architecture not Just for Microservices
Data Architecture not Just for MicroservicesData Architecture not Just for Microservices
Data Architecture not Just for Microservices
Eberhard Wolff
 
Microservices - not just with Java
Microservices - not just with JavaMicroservices - not just with Java
Microservices - not just with Java
Eberhard Wolff
 
Cookies authentication
Cookies authenticationCookies authentication
Cookies authentication
Rsilwal123
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application Technologies
Sam Bowne
 
CNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsCNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access Controls
Sam Bowne
 
Microservices: Redundancy=Maintainability
Microservices: Redundancy=MaintainabilityMicroservices: Redundancy=Maintainability
Microservices: Redundancy=Maintainability
Eberhard Wolff
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
Sam Bowne
 
Highly confidencial security system
Highly confidencial security systemHighly confidencial security system
Highly confidencial security system
Shashikant Vaishnav
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
Sam Bowne
 
How Small Can Java Microservices Be?
How Small Can Java Microservices Be?How Small Can Java Microservices Be?
How Small Can Java Microservices Be?
Eberhard Wolff
 
Using FLCs to Extend ESL Content Beyond the SEI Classroom
Using FLCs to Extend ESL Content Beyond the SEI ClassroomUsing FLCs to Extend ESL Content Beyond the SEI Classroom
Using FLCs to Extend ESL Content Beyond the SEI Classroom
Melanie Gonzalez
 
Visual learning 2
Visual learning 2Visual learning 2
Visual learning 2
janeywan
 

More Related Content

What's hot

What's hot (20)

Microservices and Self-contained System to Scale Agile
Microservices and Self-contained System to Scale AgileMicroservices and Self-contained System to Scale Agile
Microservices and Self-contained System to Scale Agile
 
Fear and Loathing of 2fa
Fear and Loathing of 2faFear and Loathing of 2fa
Fear and Loathing of 2fa
 
Asp.net membership anduserroles_ppt
Asp.net membership anduserroles_pptAsp.net membership anduserroles_ppt
Asp.net membership anduserroles_ppt
 
Microservices: Architecture to Support Agile
Microservices: Architecture to Support AgileMicroservices: Architecture to Support Agile
Microservices: Architecture to Support Agile
 
ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web Security
 
CNIT 129S: 11: Attacking Application Logic
CNIT 129S: 11: Attacking Application LogicCNIT 129S: 11: Attacking Application Logic
CNIT 129S: 11: Attacking Application Logic
 
Difference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.netDifference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.net
 
CNIT 129S: Ch 6: Attacking Authentication
CNIT 129S: Ch 6: Attacking AuthenticationCNIT 129S: Ch 6: Attacking Authentication
CNIT 129S: Ch 6: Attacking Authentication
 
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
CNIT 129S: 9: Attacking Data Stores (Part 2 of 2)
 
Nanoservices and Microservices with Java
Nanoservices and Microservices with JavaNanoservices and Microservices with Java
Nanoservices and Microservices with Java
 
Data Architecture not Just for Microservices
Data Architecture not Just for MicroservicesData Architecture not Just for Microservices
Data Architecture not Just for Microservices
 
Microservices - not just with Java
Microservices - not just with JavaMicroservices - not just with Java
Microservices - not just with Java
 
Cookies authentication
Cookies authenticationCookies authentication
Cookies authentication
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application Technologies
 
CNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access ControlsCNIT 129S: 8: Attacking Access Controls
CNIT 129S: 8: Attacking Access Controls
 
Microservices: Redundancy=Maintainability
Microservices: Redundancy=MaintainabilityMicroservices: Redundancy=Maintainability
Microservices: Redundancy=Maintainability
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
 
Highly confidencial security system
Highly confidencial security systemHighly confidencial security system
Highly confidencial security system
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
 
How Small Can Java Microservices Be?
How Small Can Java Microservices Be?How Small Can Java Microservices Be?
How Small Can Java Microservices Be?
 

Viewers also liked

Visual learning 2
Visual learning 2Visual learning 2
Visual learning 2
janeywan
 
Matsol gonzalez whitlow
Matsol gonzalez whitlowMatsol gonzalez whitlow
Matsol gonzalez whitlow
Melanie Gonzalez
 
Breaking Down the Article Writing Process for New Academics
Breaking Down the Article Writing Process for New AcademicsBreaking Down the Article Writing Process for New Academics
Breaking Down the Article Writing Process for New Academics
Melanie Gonzalez
 
14532813 example-letter-of-inquiry
14532813 example-letter-of-inquiry14532813 example-letter-of-inquiry
14532813 example-letter-of-inquiry
blacx13
 
Enquiry letters
Enquiry lettersEnquiry letters
Enquiry letters
Kumar
 

Viewers also liked (11)

Using FLCs to Extend ESL Content Beyond the SEI Classroom
Using FLCs to Extend ESL Content Beyond the SEI ClassroomUsing FLCs to Extend ESL Content Beyond the SEI Classroom
Using FLCs to Extend ESL Content Beyond the SEI Classroom
 
Visual learning 2
Visual learning 2Visual learning 2
Visual learning 2
 
Matsol gonzalez whitlow
Matsol gonzalez whitlowMatsol gonzalez whitlow
Matsol gonzalez whitlow
 
Contextual Authentication
Contextual AuthenticationContextual Authentication
Contextual Authentication
 
The Lexical Profile of Diverse and Sophisticated Academic Essays
The Lexical Profile of Diverse and Sophisticated Academic EssaysThe Lexical Profile of Diverse and Sophisticated Academic Essays
The Lexical Profile of Diverse and Sophisticated Academic Essays
 
Responding to errors in esl writing
Responding to errors in esl writingResponding to errors in esl writing
Responding to errors in esl writing
 
Breaking Down the Article Writing Process for New Academics
Breaking Down the Article Writing Process for New AcademicsBreaking Down the Article Writing Process for New Academics
Breaking Down the Article Writing Process for New Academics
 
14532813 example-letter-of-inquiry
14532813 example-letter-of-inquiry14532813 example-letter-of-inquiry
14532813 example-letter-of-inquiry
 
Inquiry letter
Inquiry letterInquiry letter
Inquiry letter
 
Business Letters Power Point Presentation
Business Letters Power Point PresentationBusiness Letters Power Point Presentation
Business Letters Power Point Presentation
 
Enquiry letters
Enquiry lettersEnquiry letters
Enquiry letters
 

Similar to Password Synchronization

Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple Passwords
PortalGuard
 
access-control-week-3
access-control-week-3access-control-week-3
access-control-week-3
jemtallon
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO Systems
Hitachi ID Systems, Inc.
 
Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01
Hai Nguyen
 
Password Management Before User Provisioning
Password Management Before User ProvisioningPassword Management Before User Provisioning
Password Management Before User Provisioning
Hitachi ID Systems, Inc.
 
Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...
Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...
Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...
SPTechCon
 

Similar to Password Synchronization (20)

Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
 
Password management
Password managementPassword management
Password management
 
Windows Small Business Server 2011 Nasıl Kullanılır
Windows Small Business Server 2011 Nasıl KullanılırWindows Small Business Server 2011 Nasıl Kullanılır
Windows Small Business Server 2011 Nasıl Kullanılır
 
SBS 2011 Kullanimi
SBS 2011 KullanimiSBS 2011 Kullanimi
SBS 2011 Kullanimi
 
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple Passwords
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
 
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
Envision it SharePoint Extranet Webinar Series - Federation and SharePoint On...
 
access-control-week-3
access-control-week-3access-control-week-3
access-control-week-3
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO Systems
 
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity
 
Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01
 
Envision it Webinar - Extranet Identity Management and Authentication for Sha...
Envision it Webinar - Extranet Identity Management and Authentication for Sha...Envision it Webinar - Extranet Identity Management and Authentication for Sha...
Envision it Webinar - Extranet Identity Management and Authentication for Sha...
 
Centrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptxCentrify Access Manager Presentation.pptx
Centrify Access Manager Presentation.pptx
 
Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7
 
Safenet Authentication Service, SAS
Safenet Authentication Service, SASSafenet Authentication Service, SAS
Safenet Authentication Service, SAS
 
Password Management Before User Provisioning
Password Management Before User ProvisioningPassword Management Before User Provisioning
Password Management Before User Provisioning
 
Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...
Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...
Integrating SharePoint 2010, 2013 and Visual Studio Lightswitch by Rob Windso...
 
Dell Password Manager Introduction
Dell Password Manager IntroductionDell Password Manager Introduction
Dell Password Manager Introduction
 
KoprowskiT_SQLRelayBirmingham_SQLSecurityInTheClouds
KoprowskiT_SQLRelayBirmingham_SQLSecurityInTheCloudsKoprowskiT_SQLRelayBirmingham_SQLSecurityInTheClouds
KoprowskiT_SQLRelayBirmingham_SQLSecurityInTheClouds
 

More from PortalGuard dba PistolStar, Inc.

The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor AuthenticationThe Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
PortalGuard dba PistolStar, Inc.
 

More from PortalGuard dba PistolStar, Inc. (7)

The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor AuthenticationThe Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
 
Password Management
Password ManagementPassword Management
Password Management
 
Password Synchronization
Password SynchronizationPassword Synchronization
Password Synchronization
 
Self-service Password Reset
Self-service Password ResetSelf-service Password Reset
Self-service Password Reset
 
Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
 
Context Based Authentication
Context Based AuthenticationContext Based Authentication
Context Based Authentication
 
Make Your Employees More Security Aware
Make Your Employees More Security AwareMake Your Employees More Security Aware
Make Your Employees More Security Aware
 

Recently uploaded

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Recently uploaded (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

Password Synchronization

  • 1. Understanding PortalGuard’s Server-based Password Synchronization: Managing Multiple Passwords Highlighting the Self-service Password Reset Layer of the PortalGuard Platform
  • 2. By the end of this tutorial you will be able to… • How PortalGuard can help you • Understand password synch can be a midpoint between too many passwords and expensive SSO solutions • Learn about PortalGuard’s Server-based Password Synch • See the step-by-step Authentication Process • Know the technical requirements
  • 3. The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications. Usability Security • Single Sign-on • Knowledge-based • Password Management • Two-factor Authentication • Password Synchronization • Contextual Authentication • Self-service Password Reset • Real-time Reports/Alerts
  • 4. Before going into the details… • Configurable by user, group or domain hierarchy • Comprehensive solution supporting multiple directories • Enables self-service password reset, recovery and account unlock • Force user enrollment (optional) • Active Directory Password Filter (optional) • Cost effective and competitively priced • Easy to implement
  • 5.
  • 6.
  • 8. • Single password, single interface • Cost effective • Easier implementation • Flexible • Force enrollment • Server-based • No client-side software required • Self-service Password Reset Password Synch
  • 9. The process of password synchronization… Correlates the passwords for multiple user accounts
  • 10. Password Complexity Challenges Step One: Identifying Password Complexity Rules Rules differ from system to system causing a common hurdle to implementing password synch… Step Two: Change Password Rules on Systems WARNING: Microsoft AD: no maximum password length or prevent specific characters IBM System i: typically maximum length of 10 with special character limitations
  • 11. Multiple Directories (including MS Active Directory, Novell eDirectory, IBM System i, LDAP v3-compliant, and custom SQL user tables ) Self-service Password Reset Real-time synch Consistent set of password rules Active Directory Password Filter
  • 12. Features: • Ability to link a user’s primary account to accounts on multiple systems/directories • All password changes, resets and account unlocks through PortalGuard flow to all linked systems in real-time • Aligns password complexity rules to reduce barriers to password propagation • Requirement to link accounts is policy driven which can be specific to the user, group or domain hierarchy • Account linking can be enforced or made optional • Supports multiple user account repositories
  • 13. • Password Synch - eliminate the need for users to remember different passwords • Ease of Use - manage passwords from single consistent interface • Self-service - unlock accounts and reset passwords from one place • Seamless Integration - with existing logins using “sidecar” mode • Lower Costs - reduce password-related calls and required IT support • Increased Productivity - and user adoption for new services/websites
  • 15. How to link an account…. Step 1: the user logs into a Windows workstation or an existing internal website. PortalGuard is notified of the logon and checks its policies to see if the user: • Is required to link to an account in another directory, and • If they have yet to do so
  • 16. How to link an account…. Step 2: Once the user provides the correct password, the secondary account password will be immediately synched with the primary if necessary
  • 17. Step 1: The user has forgotten their password and clicks “Forgot Password?” link on the Windows logon screen or website logon page
  • 18. Step 2: The user chooses to reset their forgotten password and proves their identity by correctly answering a series of challenge Q&A or entering an OTP
  • 19. Step 3: The user enters a new password that satisfies all linked account systems. The PortalGuard server resets all linked accounts to use this password and unlocks the accounts as well.
  • 20. Step 4: Immediate feedback is given to the user that the password reset was successful on all linked accounts.
  • 21. Configurable through the PortalGuard Configuration Utility: • Password Synchronization • Password Policies: • Dictionary Words • Regular Expressions • Password History • Minimum Length • Maximum Length • Minimum: • Lowercase characters • Uppercase characters • Numeric characters • Non-alphanumeric characters • Enforce AD Complexity • Password Rule Grouping • Password Strength Meter
  • 22. TECHNICAL REQUIREMENTS PortalGuard Desktop – for Windows workstations Sidecar Mode – enforce account linking on existing website AD Password Filter – enforce custom password policy for native Ctrl+Alt+Del Windows password changes
  • 23. A MSI is used to install PortalGuard on IIS 6 or 7.x. This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only. • Microsoft Active Directory – Windows 2000 AD domain or later • Novell eDirectory 8.7 or later • IBM System i - V5R2 or later • Any LDAP v3-compliant directory • Custom SQL user tables • Microsoft Windows Server 2000 • Microsoft Windows Server 2003 (32 or 64-bit) • Microsoft Windows Server 2008 (32 or 64-bit) • Microsoft Windows Server 2008 R2 • Windows Terminal Services on Win2003 • Remote Desktop Services on Win2008 • IBM WebSphere/WebSphere Portal v5.1 or higher • Microsoft IIS 6.0 or higher • Microsoft Windows SharePoint Services 3.0 or higher • Microsoft Office SharePoint Server 2007 or later
  • 24. THANK YOU For more information visit PortalGuard.com or Contact Us