Unauthorised User Access

Author: [email protected] 80 views

Unauthorized user access to the MyPass Password Manager solution is restricted through a variety of methods:

  • Notifications of authentication attempts or password resets (including 53 other optional notification templates) are sent to the user.
  • A user cannot answer the same challenge question twice, or have the same answers to questions.
  • MyPass Password Manager always checks if a user is still enabled and active in AD before the user can use the service (the solution will never enable users that are disabled in the target repository).
  • Users are locked out from MyPass Password Manager (not Active Directory) after three failed verification attempts. Helpdesk assistance is required to unlock the account.
  • CAPTCHA protection can be added to protect against robotic intrusions.
  • Optional two-factor authentication can be implemented for specific user groups.