A passphrase is an integral part of the security architecture of SecureLogin. It can be used to secure SSO data when a user authenticates to applications.
You can set passphrase policies in the Passphrase Policy Properties Tables of the Administrative Management Utility, the iManager SSO Plug-in, or Group Policy snap-ins. You can set a policy to restrict the format and content of passphrase responses, including length, whether numeric characters are required, and whether the passphrase must be uppercases or lowercase.
Passphrases are an important security component in a SecureLogin implementation. Passphrases are a unique question and response combination created to verify and authenticate the individual. In a directory environment, you can create passphrase questions for users to select and answer. You can also permit users to create their own question and response combination.
Passphrases protect user credentials from unauthorized use. For example, in a Microsoft* Active Directory environment, administrators can log onto the network as the user by resetting the user’s network password. With SecureLogin, if someone other than the user resets this network password, SecureLogin triggers the passphrase question. An administrator cannot access the user’s SecureLogin SSO-enabled applications without knowing the user’s passphrase response.
When SecureLogin starts for the first time on the user workstation, the Passphrase setup dialog box is displayed.
Passphrases are used to authenticate when:
Passphrase benefits include:
NOTE:You can remove the passphrase security system but this removes the features listed above.