User accounts and passwords for individual systems cause users and service desks an inordinate amount of pain. As password complexity rules are enhanced within some systems and limits are placed on other systems the standard rules for passwords can become complex. Limitations on some systems may mean that instead of having complex, secure passwords a policy of 'lowest common denominator'for password policies is adopted. An example of this could be the use of an IBM system where passwords are not case sensitive and are limited to 8 characters.

Other systems may have case sensitivity but not allow specific words (password as an example) or not support punctuation characters.

By using Identity management the passwords in connected systems can be monitored and kept at the highest level appropriate to the system. This would mean that the IBM systems mentioned above could be given a case insensitive version of the user's password while the main password is maintained as mixed case.

In some cases within financial companies specific systems are excluded from password synchronisation. As an example one bank forces a password change to all users from a central site on the 1st of each month. This password is randomly created by the system administration team and the user is then notified of the password. By using Identity Management and Single Sign On it is possible to advise the SSO system of the new password, allowing the user access without the user ever knowing that the password as changed, or what the password is.

Password Self Service

Password Self Service is a convenient and secure process enabling users to reset their primary email account password without needing to call the help desk.

This password self service function is a highly available service offered to users on a 24*7 basis, helping users to be productive quickly and reducing the costly overheads, pressure and call volume associated with IT helpdesk.
.