Password synchronization

Password synchronization

Password synchronization is defined as any process or technology thathelps users to maintain a single password that is subject to a singlesecurity policy, and changes on a single schedule across multiple systems.

Password synchronization is an effective mechanism for addressing password management problems on an enterprise network:

* Users with synchronized passwords tend to remember their passwords.
* Simpler password management means that users make significantly fewer password-related calls to the help desk.
* Users with just one or two passwords are much less likely to write down their passwords.

Password synchronization considered as easier to implement than enterprise single sign-on (SSO), as there is no client software deployment, and user enrollment can be automated.

Some (in particular those who sell single signon systems) claim that password synchronization is less secure than single signon, sincecompromise of one password means compromise of all. The counter-argument is that, with single signon, compromise of the primarypassword (from which an encryption key is derived and used to protect all other, stored passwords) also compromises all, so thesecurity of password synchronization and single signon is similar -- i.e., both systems depend strongly on the security of a single password, and that password must be well defended, regardless of such academic arguments.

Two types of password synchronization processes are commonly availablein commercial software:

* Transparent password synchronization, triggered by a password change on an existing system. The new password is automatically forwarded to other user objects that belong to the same user, on other systems (of the same or different types).

* Web-based password synchronization, initiated by the user with a web browser, in place of the existing native password change process. The web-based process allows the user to set multiple passwords at once.

Password synchronization is a type of Identity management software.

Those contemplating the deployment of a password synchronization system may benefit from this vendor-neutral white paper about how to run a project to deploy this type of software: [http://p-synch.com/docs/password-management-project-roadmap.html]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Password — For other uses, see Password (disambiguation). A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password). The password… …   Wikipedia

  • Password management — There are several forms of software used to help users or organizations better manage passwords:* Personal software, installed and used by individual users: ** Password manager software is used by individuals to organize and encrypt many personal …   Wikipedia

  • Password manager — A password manager is software that helps a user organize passwords and PIN codes. The software typically has a local database or a file that holds the encrypted password data for secure logon onto computers, networks, web sites and application… …   Wikipedia

  • Self-service password reset — is defined as any process or technology that allows users who have either forgotten their password or triggered an intruder lockout to authenticate with an alternate factor, and repair their own problem, without calling the help desk. It is a… …   Wikipedia

  • One-time password — A one time password (OTP) is a password that is valid for only one login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTPs …   Wikipedia

  • Mitto Password Manager — Mitto Developer(s) Mitto LLC Operating system Cross platform Type Password manager License Proprietary software …   Wikipedia

  • Microsoft Windows Services for UNIX — (SFU) is a software package produced by Microsoft which provides a Unix subsystem and other parts of a full Unix environment on Windows NT and its successors. The subsystem included is called Interix. Like the Microsoft POSIX subsystem in Windows …   Wikipedia

  • Windows Services for UNIX — (SFU) or Subsystem for UNIX based Applications (SUA) is a software package produced by Microsoft which provides a Unix subsystem and other parts of a full Unix environment on Windows NT and some of its immediate successor operating systems. It… …   Wikipedia

  • Services for UNIX — Windows Services for UNIX (SFU) est un package logiciel produit par Microsoft qui procure un sous système Unix et quelques parties de l environnement Unix complet sur Windows NT et ses successeurs. Le sous système s appelle Interix. Comme POSIX… …   Wikipédia en Français

  • Identity management — In information systems, identity management is the management of the identity life cycle of entities (subjects or objects). An identity management system: # Establishes the identity ## Links a name (or number) with the subject or object; ## Re… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”