The Password Recovery Console is a web-based application that enables the delegation of password recovery privileges. The Password Recovery Console interface can be accessed from any networked system, and can be configured to allow specific users in your enterprise to recover the password of any or all accounts that have been set and stored by User Manager Pro and/or Random Password Manager. The Password Recovery Console offers granular control that enables Administrators to assign responsibility for recovery of particular accounts or groups of accounts to appropriate employees (such as support or help desk personnel).
The Need for Strong Local Credentials
One of the easiest ways to compromise a corporate network can be through local system credentials. In addition to Domain or Active Directory security, each Windows desktop and server system in the company also has local security; this means that every system has a local Administrator account that allows access to that system, and potentially exposes vital corporate resources.
Microsoft does not provide a convenient way to disable or easily manage all of the local accounts that exist in a company’s Windows environment. Too often, network managers are forced to take a shortcut, like setting a common password for all of their local Administrator accounts. This practice creates a significant hole in the company’s security; if the password is discovered or compromised through a brute force attack (which may not be detected because the attack could be limited to a single system), every system in the company would be immediately vulnerable because all of those systems share the same password.
The mandates of Sarbane-Oxley, HIPAA, Gramm-Leach-Bliley, the California Security Breach Information Acts, NASD 3010, SEC 17a-4, 21 CFR Part 11, DoD 5015.2 require the implementation of reasonably hard to compromise local logon credentials. This requirement is important to prevent the exposure of critical data.