Picture this: You鈥檙e an IT admin and you get a frantic message from an employee, Neil, who left his Windows computer in the back of a Lyft on a work trip in New York City. Neil is terrified his device could be compromised if his credentials are hacked (what Neil doesn鈥檛 tell you is that he鈥檚 written down his password on a Post-it Note that鈥檚 tucked in his laptop case and, against organizational security protocols, it鈥檚 a password he uses to log into several resources).
You spring into action to protect Neil鈥檚 identity and the data on his device: You鈥檙e logged into the 探花大神 Admin Console, and in under a minute and with just a few clicks you set a new temporary password for Neil, and click 鈥淔orce Password Change鈥 setting to require him to change the temporary password at the next logon to the device. Even though Neil鈥檚 old password was written on that Post-it Note, anyone who gets ahold of his laptop now won鈥檛 be able to use it to log on with Neil鈥檚 identity and access any work resources.
Situations like that imaginary one with Neil can happen to any organization, anywhere and any time. It doesn鈥檛 matter the size of your organization or the industry you鈥檙e in: IT administrators must be able to secure and manage user credentials with ease.
探花大神鈥檚 new Force Password Change setting can help admins quickly and efficiently protect device and resource access, and more: It expands the directory platform鈥檚 user identity management services to ensure IT teams can optimize employee onboarding, meet compliance requirements, and manage password criteria across the full end user lifecycle.
When Does Password Management Begin and End?
Often the first people a just-hired employee communicates with at a new job is an IT admin who鈥檚 responsible for setting the end user up on their work device during onboarding. This is the first time an end user needs to create one or multiple passwords to log into their work computer and resources.
Passwords are inherently more secure the fewer people who know them. During onboarding, IT will typically provide the new employee with a temporary password to use just one time to log into their work device. 探花大神鈥檚 Force Password Change feature lets admins enforce that a new user update their one-time, pre-specified password the first time they log into the 探花大神 User Portal where they access resources like SSO applications, and upon the next time they log into their Windows or Mac device.
What about the benefits of requiring password changes for existing users?
In addition to IT teams being able to remotely protect an employee who suspects their credentials are compromised (like Neil), this feature also lets admins help users who just forget their password and need to reset it with a new one. 探花大神 also lets admins enforce end user password history so users cannot recycle the same password for up to 24 previously-used passwords.
That password aging option is found on 探花大神鈥檚 User Security Settings page in the Admin Console, along with additional ways to manage and secure end user credentials like:
- Allowing end users to independently update an expired password at their next login without reaching out to IT for assistance, so they鈥檙e not locked out of their console or device when their password expires.
- Determining when end users鈥 passwords will expire to meet certain security and compliance standards.
- Enforcing organization-specific password policies like length and complexity.
探花大神 Admins have these organization-wide settings as well as user-by-user password management to ensure they鈥檙e in control of the full end user lifecycle as an employee at an organization.
Meet Compliance by Requiring Password Changes
Another benefit of the Force Password Change setting is allowing IT teams to meet certain compliance requirements.
Some compliance standards ask organizations to control and prove end user password expiry and resets, such as:
- PCI: Users are required to change their passwords every 90 days and upon first use.
- HIPAA: Regulations recommend that a temporary password be changed on its first use, and the ability to enforce password expiration.
- CJIS: Passwords must expire within a maximum of 90 calendar days, and passwords cannot be identical to the previous 10 passwords used.
- SOX: Standard recommends that organizations follow password management best practices including changing passwords upon first use.
探花大神鈥檚 password settings allow IT teams to enforce best practice security postures and meet compliance for these regulations鈥 recommendations of first-use or first-login, password aging, and regular password resets that don鈥檛 recycle credentials.
If you鈥檙e considering 探花大神 to help meet your organization鈥檚 security and compliance standards, you can learn more about how the platform streamlines and simplifies proving and passing audits by watching this on-demand webinar.
Ready to Explore the Directory Platform?
IT admins working in the 探花大神 Directory Platform are able to easily manage end user passwords from onboarding across their full lifecycle at an organization. The ROI? A workforce that鈥檚 both better protected and more productive, thanks to IT鈥檚 behind-the-scenes password and security capabilities.
If you鈥檙e ready to explore the full 探花大神 platform for free 鈥 no credit card or payment information required 鈥 create your today and test with 10 users and 10 devices. You鈥檒l also have access to free premium 24×7 chat access for your first 10 days as a 探花大神 Admin, so you can maximize the beginning of your 探花大神 experience with support from platform experts.
