Skip to main content

Password randomization

Product administrators can randomize passwords on managed systems. Product administrators must have the "Manage managed system policies" or "Create managed systems" administrative privilege, and belong to a user group with the following permissions on a given managed system policy :

  • View properties for this policy

  • Modify properties for this policy

  • Randomize/override password of managed accounts

Passwords are reset with a new randomized value and the old password is archived. Results are saved in a report that can be viewed by product administrators. To override passwords with a specified value, see Overriding passwords .

For push mode managed systems, Bravura Privilege resets passwords right away. If a password reset fails, the Privileged Access Manager Service (idarch) attempts to reset the password again at the next poll interval.

For local service mode managed systems, clicking Randomize password causes a password reset at the next poll time.

Vault-only managed systems passwords must be overridden; randomization does not apply to these managed systems .

There are several ways to randomize passwords.

Randomize passwords on all managed accounts in a managed system policy

To randomize passwords for all managed accounts in a managed system policy :

  1. Click Manage the system > Privileged access > Managed system policies.

  2. Click the Randomization tab.

  3. Select the checkbox for the managed system policy .

  4. Click Randomize password.

    You must confirm this action. You may need to wait while all passwords are randomized and the resulting page reloads.

  5. Click the Check results here link to view the progress and results of the randomization.

Randomize password on an account in a managed system policy

To randomize the password for an account in a selected managed system policy :

  1. Click Manage the system > Privileged access > Managed system policies.

  2. Select the managed system policy you want to access.

  3. Click the Managed accounts tab.

  4. Click the Randomization sub tab.

  5. Select the checkbox for the account.

    If the managed system policy is set to Synchronize all accounts in policy, then resetting any password in the policy causes all passwords in the policy to be reset.

  6. Click Randomize password.

    You must confirm this action. You may need to wait while all passwords are randomized and the resulting page reloads.

  7. Click the Check results here link to view the progress and results of the randomization.

Randomize passwords on all managed accounts on a managed system

To reset passwords for all managed accounts on specific managed systems:

  1. Click Manage the system > Privileged access > Managed system policies.

  2. Click the Randomization tab.

  3. Select the checkbox for the managed system.

    If the managed system policy of the system is set to Synchronize all accounts in policy, then resetting any password in the policy causes all passwords in the policy to be reset.

    If the managed system policy of the system is set to Synchronize accounts with same ID, resetting any password in the policy causes all passwords for all accounts with the same ID to be reset.

  4. Click Randomize password.

    You must confirm this action. You may need to wait while all passwords are randomized and the resulting page reloads.

  5. Click the Check results here link to view the progress and results of the randomization.

Randomize passwords on a member system in a managed system policy

To reset passwords for all accounts on a managed system in a selected managed system policy :

  1. Click Manage the system > Privileged access > Managed system policies.

  2. Select the managed system policy.

  3. Click the Member systems tab.

  4. Click the Randomization sub tab.

  5. Select the checkbox for the managed system.

    If the managed system policy of the system is set to Synchronize all accounts in policy, then resetting any password in the policy causes all passwords in the policy to be reset.

    If the managed system policy of the system is set to Synchronize accounts with same ID, resetting any password in the policy causes all passwords for all accounts with the same ID to be reset.

  6. Click Randomize password.

    You must confirm this action . You may need to wait while all passwords are randomized and the resulting page reloads.

  7. Click the Check results here link to view the progress and results of the randomization.

Randomize password on a single account

To reset passwords for a single account:

  1. Click Manage the system > Privileged access > Managed accounts.

  2. Select the checkbox for the account.

    If the managed system policy of the system is set to Synchronize all accounts in policy, then resetting any password in the policy causes all passwords in the policy to be reset.

    If the managed system policy of the system is set to Synchronize accounts with same ID, resetting any password in the policy causes all passwords for all accounts with the same ID to be reset.

  3. Click Randomize password.

  4. Click the Check results here link to view the progress and results of the randomization.

In this section: