Novell Home

From the Inside Out: Taking Advantage of the New Universal Password

Novell Cool Solutions: Feature
By Shawn Dickerson

Digg This - Slashdot This

Posted: 19 May 2004
 

Taking Advantage of the New Universal Password
Shawn Dickerson, product marketing manager for Novell eDirectory

Since the introduction of its One Net vision, Novell has helped thousands of organizations around the world blend heterogeneous systems into manageable, unified networks. Novell eDirectory, the world's most advanced high-end directory service, has been a key to that success. Running on a host of server operating systems and supporting a wide range of industry standards, eDirectory has given businesses an identity foundation that spans the organization.

Yet despite eDirectory's extreme interoperability, the traditional Novell password has, at times, proved to be an obstacle in this integration. In the past, administrators have had to manage multiple password types (such as a simple password, NDS password and enhanced password) because of password limitations. Administrators have also had to deal with keeping the passwords synchronized.

With the release of Novell eDirectory 8.7.1 (and additional functionality in version 8.7.3), Novell introduced Universal Password to address these challenges by simplifying the integration and management of different password and authentication systems into a coherent network.

Benefits of Universal Password

In particular, Universal Password delivers a number of important benefits:

Provides one password type for all access to Novell eDirectory
While end users have always seen only one password for Novell eDirectory, behind the scenes administrators have often had to manage several different passwords types because each is optimized for different functions. For example, an NDS password is extremely secure, because only an encrypted version of the password (a hash) is stored in eDirectory. While that level of security is ideal for some organizations, by its nature, the password hash is also not reversible, making an NDS password inaccessible by other applications. In contrast, a simple password can be easily passed among connected applications, but it doesn't provide support for password policies, creating a potential security risk as a result of weak passwords.

Juggling these various password types not only complicated management and increased support costs, but it also gave rise to a number of problems that could occur if those different passwords were out of sync. The new Universal Password eliminates these back-end obstacles by combining characteristics of each, enabling a single password type that is securely encrypted but also accessible to other applications. The result is dramatically simplified administration and tighter, password-based security.

Enables the use of extended characters in a password
Particularly for multi-national corporations with offices around the globe, business encompasses many languages and cultures. To accommodate that diversity, Universal Password allows the use of international/extended characters in passwords.

Enables advanced password policy enforcement
With Universal Password, organizations can set and enforce password policies, to make sure that weak passwords are not an open front door to the corporate network. Among the supported policies are minimum or maximum characters, an "excluded password list," expiration settings, a unique password requirement, and many others.

Allows synchronization of passwords from Novell eDirectory to other systems
Finally, when deployed with Novell Nsure Identity Manager, Universal Password allows customers to synchronize the eDirectory password with virtually any application -- giving rise to advanced password management solutions that span the enterprise.

Taken together, these benefits make a compelling case for deploying Universal Password -- not only to strengthen password-based security but also to eliminate some behind-the-scenes administrative complexity. Have you deployed Universal Password? What results are you seeing? Tell me about it at sdickerson.removethis@novell.com.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell