Policy enforcementPassword Manager » Features » Policy enforcement

Policy enforcement

IT specialists recommend adopting a mature security policy to standardize password management practices. An IT security policy generally covers various aspects, such as:

  • Using strong passwords.
  • Rotating passwords regularly.
  • Changing passwords after temporary usage.
  • Implementing robust access controls.
  • Auditing user activities related to privileged access.
Policy enforcement

Password Manager Pro lets you devise adequate controls with various options to help implement a uniform policy across your organization. On top of eliminating weak passwords, password policies also satisfy compliance requirements.

Default and custom password policies—choose what suits you best.

Password Manager Pro comes with three predefined policies: low, medium, and strong. Each policy has a specified level of severity in terms of password length, alphanumeric requirements, mixed cases, password age, and old password reuse. You can also customize your own password policy in compliance with your organization's IT policy.

Create strong, unique passwords with a built-in password generator.

The built-in password generator can produce passwords that comply with defined password policies. Every password input field in Password Manager Pro has the generator right alongside it, through which the set system default policy will be used to generate passwords, unless directed otherwise.

Set a password age and automate reset upon age expiration.

Password Manager Pro allows you to specify validity periods for your passwords by setting their age. When that age occurs, the passwords will be automatically reset. For instance, if you set 90 days as your password age in your custom password policy, the resource passwords will be automatically reset once every 90 days.

Establish granular access controls on your passwords.

To control shared passwords and their access, administrators can set up a request-release mechanism for the password retrieval workflow. Activating this setting enforces users requiring access to a password that has already been shared with them to raise a request with the admin. The password will become available for use only if the administrator approves the request.

Upon approval, the user gets only temporary access to the password for a specified time frame. After the specified time period, the password will become void and the user will lose access. To avoid unauthorized access attempts in the future, the password is automatically reset after temporary use. This eliminates any possibility of users gaining improper access to IT resources.

Restrict users from viewing passwords in plain-text.

For further safety, administrators can prevent retrieval of plain-text passwords. After this password viewing restriction is imposed, authorized admins can share desired account credentials without disclosing their passwords.

Enforce users to provide a reason before password retrieval.

Passwords can't just be given out to anyone that requests them. So, you can mandate a credible reason before authorizing password access. Audit trails will capture the reason given. In addition, you can also integrate your ticketing system with Password Manager Pro to validate service requests related to privileged access. This setting allows users to enter a valid ticket ID while requesting access.

Generate instant alerts upon occurrence of password-related operations.

Instant alerts can be configured for events such as password access requests, addition of new passwords, and password expiration and sent to select recipients when they occur. Password Manager Pro provides multiple notification options such as email alerts, syslog messages, and SNMP traps.

Password Manager Pro - Enterprise Password Management Software trusted by

Get
Quote
Technical Support Request Demo