Password Synchronization

Password synchronization is any process or technology that helps users to maintain a single password, subject to a single security policy, across multiple systems.

Password synchronization is an effective mechanism for addressing password management problems on an enterprise network:

Users with synchronized passwords tend to remember their passwords.
Simpler password management means that users make significantly fewer password-related calls to the help desk.
Users with just one or two passwords are much less likely to write down their passwords.

There are two ways to implement password synchronization:

Transparent password synchronization, where native password changes, that already take place on a common system (example: Active Directory) are automatically propagated through the password management system to other systems and applications.
Web-based password synchronization, where users are asked to change all of their passwords at once, using a web application, instead of continuing to use native tools to change passwords.

One of the core features of P-Synch® from Hitachi ID is password synchronization.

P-Synch implements both transparent and web based password synchronization.

Scope of Password Synchronization

By default users can select which of their target systems or accounts are to be included in a password update / synchronization. Users may synchronize passwords on some or all of their systems with a new password value.

Some accounts can be administratively removed from the synchronization process by moving them to a separate instance, with a shared password history database (and so prevented password reuse).

Some users and accounts can be administratively removed from P-Synch, to take them entirely out of password management scope. This can be done by specifying individual login IDs, wild-card patterns, or group membership on target systems.