Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Password Manager 5.13.2 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring access to the Administration Site Configuring access to the Legacy Self-Service Site or Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Legacy Self-Service or Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Feature imparities between the legacy and the new Self-Service Sites Third-party contributions Glossary

Hiding the domain user name on the Self-Service Site

By default, the toolbar and the logout pop-up of the Self-Service Site display both the display name and the domain user name of the logged-in user (in the <User Display Name> <domain>\<username> format). For example:

Sam Smith (domainname\SSmith)

If the security policies of your organization require hiding security-sensitive information (such as the user logon name), you can change this so that the Self-Service Site will show only the user display name (for example: Sam Smith), but not the domain user name.

To hide the domain user name of the logged-in user on the Self-Service Site

  1. In the Password Manager Administration Site, navigate to General Settings > Search and Logon Options.

  2. Scroll down to Security Settings.

  3. Enable Show only user display name on the Self-Service Site.

  4. To apply the changes, click Save.

Once you are ready, logging in next time to the Self-Service Site with any user will display only the user display name of the logged in user.

Hiding personally identifiable information for logged-in users

By default, the toolbar and the logout pop-up of the Self-Service Site display both the display name and the domain user name of the logged-in user (in the <User Display Name> <domain>\<username> format). For example:

Sam Smith (domainname\SSmith)

If the security policies of your organization require hiding personally identifiable information (PII) on the user interface, you can configure Password Manager to truncate PII on the Self-Service Site, for example as:

S** S**** (domainname\S*****)

To hide PII on the Self-Service Site for the logged-in users

  1. In the Password Manager Administration Site, navigate to General Settings > Search and Logon Options.

  2. Scroll down to Security Settings.

  3. Enable Do not show personally identifiable information (PII) for the logged in user.

  4. To apply the changes, click Save.

Once you are ready, logging in next time to the Self-Service Site with any user will display truncated PII for the logged-in user.

NOTE: The amount of user information truncated by the Do not show personally identifiable information (PII) for the logged in user setting is affected by the following options (also configured on the General Settings > Search and Logon Options page):

  • Truncating PII with the Do not allow users to search for their accounts option also selected will truncate the entire expanded PII. For example, setting the Users must enter the following user account attribute... > Self-Service Site sub-setting to mail will result in both the user display name and their email address being truncated. For example, Sam Smith (sam.smith@example.com) will be truncated as:

    S** S**** (s********************)
  • Truncating PII with the Allow users to search for their accounts setting also selected will truncate both the user display name and the domain user name (with the exception of the domain name). For example, Sam Smith (domainname\samsmith) will be truncated as:

    S** S**** (domainname\s*******)
  • Truncating PII with the Show only user display name on the Self-Service Site option also selected will show only the truncated user display name. For example, Sam Smith will be truncated as:

    S** S****

Configuring anti-bot security settings

To prevent bot attacks against your Password Manager deployment, you can configure anti-bot security measures for the Find User page of the Self-Service Site. Password Manager supports configuring CAPTCHA images and reCAPTCHA v2 or v3 security solutions.

Configuring CAPTCHA security images

You can configure the Password Manager Self-Service Site to display CAPTCHA images on its Find User page as an anti-bot security measure.

To configure CAPTCHA images for the Self-Service Site

  1. In the Password Manager Administration Site, navigate to General Settings > Search and Logon Options.

  2. Scroll down to Security Settings.

  3. To enable the CAPTCHA or reCAPTCHA settings, enable Show a security image to prevent bot attacks.

  4. To configure the CAPTCHA settings, select Display CAPTCHA and click Settings.

  5. In the CAPTCHA Settings dialog, configure the following options:

    • Number of characters: Specify the number of characters (1–15) to display on the generated CAPTCHA image. The default value is 5.

    • Noise level: Specify the number and size of noise artifacts on the generated CAPTCHA image. Higher levels mean more difficult readability.

    When ready, click OK.

  6. Under Security Settings, select Show a security image every time the search is performed to perform the configured anti-bot protection check each time a search is performed on the Find User page of the Self-Service Site.

    TIP: Enable this setting for an increased protection against bot attacks.

  7. To apply your settings, click Save.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation