Password synchronization: Difference between revisions

Shohami (talk | contribs)
Shohami (talk | contribs)
No edit summary
Line 1:
'''Password synchronization''' is a process, usually supported by software, through which a user maintains a single password across multiple IT systems. Provided all the systems enforce similar password standards (e.g. concerning minimum and maximum password length, complexity and re-use rules), the user can choose a new password at any time and deploy the same password across all the associated systems. If the standards vary, the user may either need to choose a password that complies with all the rules (the [[lowest common denominator]]) or this may be achieved behind the scenes within the password synchronization software (e.g. padding or truncating passwords to conform to size constraints on certain systems).
 
It is a type of [[identity management]] software and it's considered easier to implement than [[Single_signon | enterprise single sign-on (SSO)]], as there is no client software deployment, and user enrollment can be automated.
 
==Uses==
 
It is a type of [[identity management]] software and it's considered easier to implement than [[Single_signon | enterprise single sign-on (SSO)]], as there is no client software deployment, and user enrollment can be automated.
Password synchronization makes it easier for IT users to recall passwords and so manage their access to multiple systems, for example on an enterprise network. Since they only have to remember one or at most a few passwords, users are less likely to forget them or write them down, resulting in fewer calls to the IT Help Desk and less opportunity for coworkers, intruders or thieves to gain improper access. Through suitable security awareness and training activities, users can be encouraged to choose [[Password strength|stronger passwords]] as they have fewer to remember.
 
==Uses==
Password synchronization may be easier to implement than [[Single_signon | enterprise single sign-on (SSO)]], as (with some approaches at least) there is no need to deploy client software on the target systems. However, there are security issues that may outweigh the benefits. As with most security decisions, there are cost-benefit considerations relating to the amount of security risk one is willing to accept.
Password synchronization makes it easier for IT users to recall passwords and so manage their access to multiple systems, for example on an enterprise network. Since they only have to remember one or at most a few passwords, users are less likely to forget them or write them down, resulting in fewer calls to the IT Help Desk and less opportunity for coworkers, intruders or thieves to gain improper access. Through suitable security awareness and training activities, users can be encouraged to choose [[Password strength|stronger passwords]] as they have fewer to remember.
 
==Security==
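Review bot: the comparison with enterprise SSO appears in two wordings in this hunk, and the one reading "it's considered easier to implement" names nobody who holds that view and cites no source. The other wording hedges ("may be easier", "with some approaches at least") and carries the caveat that "there are security issues that may outweigh the benefits". Whichever wording the revision keeps should retain the hedge and the security caveat, or gain a citation for the stronger claim. As a style point, the link "[[Single_signon | enterprise single sign-on (SSO)]]" in both wordings would read more cleanly without the underscore and the spaces around the pipe.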
Line 16 ⟶ 18:
 
Some password synchronization systems may copy password hashes from one system to another, where the hashing algorithm is the same. In general, this is not the case and access to a plaintext password is required.
 
[[Category:Identity management systems]]