On many systems, privileged passwords used by systems administrators, embedded in applications or used to launch services are never changed.

This may be because they are too numerous to change or because there are dependencies between people, services and passwords, which are difficult to update after a password change.

As a result, the most sensitive passwords in many organizations are also the passwords that are least securely managed and which intruders may try to guess at their leisure.

• Privileged Password Manager can randomize privileged passwords frequently -- normally every day.
• Privileged Password Manager includes various mechanisms to disclose current password values to authenticated and authorized parties:
  • To day-to-day administrators, subject to authentication and access control policies.
  • To staff in the event of an emergency or one-time need, subject to workflow authorization.
  • To service-launching programs on Windows, after every password change.
  • To applications, via a SOAP API, replacing embedded, plaintext passwords.

Using Privileged Password Manager, static passwords are eliminated.