Password Management System for Linux & UNIX

Centrally deploy, modify and delete UNIX/Linux accounts.

Fast and easy UID/GID synchronization

Strengthen password composition, enforce aging and lockouts.

Control who may login to/from which hosts, when, by which methods (including SSH, SU,FTP,X/CDE) and other criteria.

Detailed reports for all account and login activities.

Securely deploy and manage user accounts, passwords and login policies across heterogeneous UNIX/Linux environments, while keeping a centralized audit trail of all related activities. Symark PowerPassword, User Management Edition provides much simpler and more secure user and password management, compared to NIS/NIS+ or LDAP environments.

Once accounts are deployed, PowerPassword enforces highly secure password management policies to secure UNIX/Linux authentication. Access via SSH, FTP, SU, or X/CDE are all controlled and audited with unsurpassed detail. Additionally, PowerPassword's login policies enforce access control to all hosts in the UNIX/Linux network who may login, to/from which host, when, and using what method (telnet, rlogin, ssh, ftp, su, etc.)

Symark Power Password, User Management Edition reduces support costs by enabling delegation of specific account management tasks. For example: Help desk staff can perform password management specific tasks as delegated by your UNIX/Linux administrators.

PowerPassword Diagram - How PowerPassword Works

User authentication and access requests to UNIX/Linux machines are controlled by PowerPassword’s highly secure password and login policies.

User Management

Add, modify, or delete accounts securely from a central point of management across your UNIX/Linux network.

Controlled account deployment to each host’s /etc/passwd, /etc/group, and /etc/shadow

Automatic UID/GID synchronization across hosts for all new accounts

Account Templates pre-define user account parameters and password policies and apply to specified users or groups (e.g., new Accounting user)

Migration of accounts from NIS/NIS+ or other user directories

Post-Processing Scripts enable scripts to execute after account management events and leverage the user account data (e.g., after adding a user, a new database user is then created)

"Division of Privilege" for delegating specific account management activities to different administrators and help desk staff by users, groups, hosts, commands, etc.

Password Management

Strengthen password security and simplify administration

Password aging and reset

Password encryption

Define specific character composition (such as length, alphanumerics, case, punctuation)

Lockout accounts after specified number of failed login attempts

Disable inactive and orphaned accounts

Automatic random generation of passwords

Password Change Agent for secure automated root password resets via SSH.

"Similarity checking" to user name and historical passwords

Support for cracking programs and dictionary checking

Login Policy

Control the login environment

Who –which users and group may login

What – to which hosts

When – time, day, and date

Where – from which host, IP address, or remote location

How – using login, rlogin, telnet, ssh, su, xdm/cde, and define the post login properties for user environments (working directory, shell, etc.)

Logs and Reports for Audits and Regulatory Compliance

Logging of all account, password and login events

Reporting capabilities for all account management activities, password change history, accepted and rejected login attempts, and more

Audit trail of login events includes detailed data about each accepted and rejected login, including which system was accessed, when, from where, using what login method, as well as complete environmental information