Password Management

The password management capabilities within OpenIAM include:

  • Self-service Password Reset (SSPR)
  • Change password
  • Password synchronization

This functionality works across both cloud and on-premise applications and provide organizations:

  • Reduced password management costs
  • Improved security
  • Ability to enforce strong password policies

Self-service password reset
Self-service password reset allows end-users to reset their own passwords without having to call the helpdesk. Organizations have the flexibility to define how SSPR should be configured and they can use a combination of the options listed below to verify the identity of the user before making the change.

  • Challenge response questions
  • One-time link by e-mail
  • One-time token by SMS or e-mail

Once the user identity has been verified, end users can change their password which is validated against the password policy defined in OpenIAM. The new password can also be synchronized to any target system, such as Active Directory,, SAP, etc. which the user’s identity may have been provisioned too.

SSPR with Credential Providers
Self-service password reset is also available through the Windows and Mac Credential providers.

Captcha can also be enabled in conjunction with the SSPR functionality to further deter unauthorized users from changing password.

Password Change reminders
Based on the password policy, OpenIAM can be configured send out reminders to users informing them of required upcoming password changes.

Password Synchronization
Along with the password policy definitions, password synchronization forms the foundation of the password management functionality. Password synchronization captures the changed password and then synchronizes it across all systems that a user has an identity in. End user efficiency is improved as a result of having to remember and manage only one password across most systems.

Reverse Password Synch from Active Directory
Organizations using Microsoft’s Active Directory, have the option to deploy the Active Directory Password Filter which allows end users to change their password on their Windows desktops. The filter will then capture the new password and securely sends it back to the OpenIAM core for synchronization across all connected systems that this user has an account in.

Helpdesk Identity Verification
While the SSPR tools are designed to avoid helpdesk calls, there are cases where a user may need additional assistance. These cases they will contact the helpdesk. To assist the helpdesk in verifying the identity of the caller, OpenIAM allows helpdesk users to capture answers to a separate set of challenge questions. Once the response has been validated, the helpdesk will be able to assist the caller.

Recent Posts
OpenIAM, next generation identity governance, web access management, MFA and CIAM platform, announced today that it is participating in the launch of Professional Services in AWS Marketplace. Amazon Web Services (AWS) customers can now find and purchase Identity and Access...
The latest commercial version of OpenIAM’s fully integrated next-gen, IAM platform features new capabilities for Customer IAM (CIAM), strong authentication, audit & compliance, and user life cycle for the mid to large enterprise with DevOps tools to simplify both on-premise...
The latest release by OpenIAM adds support for Red Hat Enterprise Linux 8 and continues to extend its scalable microservices based solution OpenIAM LLC, has announced the release of Identity and Access Management Platform version 4.1.6 today. This release adds...
OpenIAM v4.1 provides organizations with a feature complete IAM platform which leverages modern technologies such as Docker, Kubernetes, Elasticsearch and Redis to provide a user-friendly, small footprint solution which is currently in production at mid to large enterprises globally. Cortlandt...
read more
Sign in
Lost your password?

Products of Interest

How did you hear about us?

Registration confirmation will be emailed to you.