NOVEL ACCESS MANAGEMENT SOLUTION FOR ENDPOINT, SERVERS AND APPLICATIONS WITH AUTOMATED PASSWORD ROTATION FUNCTIONALITY

摘要

This is an enterprise access management solution that helps users to securely log in to enterprise networks using a single password or passphrase without having to change them as often as organizations require. It addresses the most important drawbacks in password authentication: uniqueness, complexity and rotation.;This solution generates a cryptographically-strong pseudo random system-password from mathematical operations carried out on values taken from the password entered by the user during login process. Given the same logon-password, the method will generate the same system-password, every time the user logs in.;The generated system-password used to log in to the system is ephemeral. This means that, once generated, the system-password will be forwarded to the authentication server and then discarded, it will never be stored and it is unknown to the user. The solution does not store any passwords or personal information either locally or remote.;Separating the users from the system-password, provides the flexibility to automate the standard system-password change procedures without user intervention, allowing shorter password rotation periods.;This method intelligently makes use of automation to enhance enterprise security, minimizing human involvement by removing manual tasks.