Unauthorised User Access

Unauthorized user access to the MyPass Password Manager solution is restricted through a variety of methods:

• Notifications of authentication attempts or password resets (including 53 other optional notification templates) are sent to the user.
• A user cannot answer the same challenge question twice, or have the same answers to questions.
• MyPass Password Manager always checks if a user is still enabled and active in AD before the user can use the service (the solution will never enable users that are disabled in the target repository).
• Users are locked out from MyPass Password Manager (not Active Directory) after three failed verification attempts. Helpdesk assistance is required to unlock the account.
• CAPTCHA protection can be added to protect against robotic intrusions.
• Optional two-factor authentication can be implemented for specific user groups.