Enabling password synchronization

Password synchronization is the process of assigning and maintaining one password for all individual accounts that a user owns. Password synchronization reduces the number of passwords that a user must remember. Password synchronization does not affect sponsored accounts.

Before you begin

Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.

You must be a system administrator on the to enable password synchronization.

About this task

You can configure the system to automatically synchronize passwords for all individual accounts that are owned by a user. Then, the user must remember only one password. For example, a user might have two individual accounts: a IBM Verify Identity Governance account and a Lotus Notes account. If the user changes or resets the password for the Identity Manager account, the Lotus Notes password is automatically changed to the same password as the Identity Manager password.

Note: When password synchronization is enabled, Identity Manager does the ACI evaluation for changing password on the person entity. (Before Tivoli® Identity Manager version 5.0, the ACI evaluation was done on the account entity.) If the person ACI grants the user the change password operation, the user can change the password for all associated individual accounts. For sponsored accounts or if password synchronization is not enabled, the ACI evaluation is done against the account entity instead.

If password synchronization is enabled, users cannot specify different passwords for their individual accounts. Password synchronization does not affect sponsored accounts. A user can specify different passwords for sponsored accounts.

Note: When password synchronization is initially enabled, individual accounts of users are not automatically synchronized immediately. Accounts are synchronized when users change passwords or create an account.

To enable password synchronization, complete these steps:

Procedure

  1. From the navigation tree, select Set System Security > Set Security Properties.
  2. Select the Enable password synchronization check box, and click OK.
  3. On the Success page, click Close.

What to do next

You can change and synchronize the passwords for the individual accounts that are associated with a user.