beautypg.com

Multiple credentials overview, Operations requiring multiple authentication – HP Secure Key Manager User Manual

Page 231

background image

Description

Component

Enter the minimum password length. The default length is 8. This value applies to all
passwords on the SKM (local administrator, user, backup, tamper resistance, and
cluster).

Minimum Password
Length

Select one or more additional password constraints. You can require that the password
contain at least one:

Lower case letter

Upper case letter

Number

Special character

These values apply to all passwords on the SKM (local administrator, user, backup,
and cluster).

Password Must Con-
tain At Least One

NOTE:

Changes made to this section (with the exception of the Password Expiration feature) apply to
passwords created after the changes are saved. For example, if all administrator passwords are 8
characters long, and you change the minimum password length to 12 characters, the administrators
do not have to immediately change their passwords. Rather, the next time your administrators change
their passwords, they must comply with the new rules.

Multiple Credentials overview

If your configuration of the SKM includes multiple administrators, you can stipulate that some
administrative and key management operations require authorization from more than one administrator.
The multiple credentials feature provides an additional layer of security by protecting your high-level
functions.

You can predetermine the number of administrators required to confirm certain operations, let
administrators give their credentials to one another for a set period of time, and enable multiple
credentials functionality within a clustered environment.

Operations requiring multiple authentication

When the feature is enabled, the following operations require multiple authentication:

Disable Multiple Authorization

Create/Edit/Delete/Import Keys

Edit a key's owner, delete, and export properties

Add/Edit/Delete key group permissions

Create/Edit/Delete users

Create/Edit/Delete groups

Add/Remove users from a group

Create/Edit/Delete authorization policies

Modify LDAP server settings

Create/Edit/Delete administrators

Restore backups

Rollback system

Secure Key Manager

231

See also other documents in the category HP Storage: