A little knowledge is a dangerous thing. This is why we will explain the Password Life Cycle today. From Password and Account Management over Identity up to Privileged Access Management: We promise you action and beautiful memories. That’s why we have prepared a special comparison for this complex subject which will trigger some nice pictures: Remember your last holiday?
Booking your hotel: Identity Management
Your last holiday: You have booked the overnight stay in advance – including the duration of your stay, meal option, room selection and bookable extras. To do this, you had to register online with your personal data. So we start with Identity Management: The hotel checks your details and sends you a booking confirmation that allows you to check in. Nothing else happens in Password Safe when the administrator (the hotel) uses your data to create a personal account, including access permission, for you.
Your hotel stay: Password Management
Well prepared and relaxed, you arrive at the hotel in the early evening to check in and drop off your luggage. The receptionist will hand you a plastic card that acts as a room key. The plastic card will give exclusive access to your room for the duration of your stay. The baggage (your passwords) will be securely brought to your room (encrypted), to which only you have access (password management). A clear case of password management!
At this point, it doesn’t matter if you have booked just one night’s accommodation with breakfast or a full week of All Inclusive. Neither is it important if you are the hotel manager, an employee or a guest: Password Management does not say anything about permissions or privileges which we will come back to later. And off we go to the city!
Grant or prevent access: Privileged Account Management
Late in the evening you arrive at the hotel again and pull the door – but it’s locked. You’re afraid there’s no one left at the front desk who could let you in. Then you notice a note at the door: “Reception opening hours: Daily from 06:00-23:00 o’clock. In the meantime, please use your digital room key.” So you rummage out the plastic card, put it in the slot and the door buzzes (Password Safe Login). So you were granted guest access to the hotel lobby.
Privileged account management at its best: A hotel thief – a physical hacker of the system – would have already failed here. Even if you would try to enter the unbooked spa area or another room with your card (e.g. uncovering the password of another department), this would be prevented and the attempted breach would be logged on your card. This process is comparable to auditing and reports in Password Safe.
Guest or employee? Privileged Access Management
The next morning you scare up because someone is trying to get into your room by using the door handle. “Room service!” you can hear a voice from outside (password retrieval only by reasoning). The cleaning staff must have overlooked the note at the door. Never mind. Because Privileged Access Management has ensured that no one can gain access without your permission.
Comparing roles: The Hotel Manager – or administrator – has privileged access to all rooms. The “cleaning service” role allows all hotel rooms to be temporarily entered (remote access via remote desktop control). However, only with the right to clean up and not for overnight accommodation, of course. The “Do Not Disturb” note can be compared to the notification system in Password Safe. Since you booked breakfast, you can enter the dining room in the morning to eat there. But you are not supposed to be in the kitchen as you would need the employee role and permission to “work in the kitchen.”
During check-out you hand over your room key again: So you log out. Now you no longer have access to your hotel. The room (your account) and the associated plastic card (your entrance) are already being prepared for the next guest (Password Reset). The lock is changed periodically: Privileged Password Management.
We’ve come full circle. There is still one thing in common: As with the selection of the hotel, you should only settle for the best with your password manager. With Password Safe, you’ve definitely booked the 5-star category!