主权项 |
1. A system comprising:
one or more processors; and a memory coupled with and readable by the processors and storing therein a set of instructions which, when executed by the processors, cause the processors to:
provide a password management service maintaining passwords for users of an enterprise along with histories for the passwords for the users within a secure enterprise environment, each password history comprising a log of previously used passwords for the user, wherein each password represented in the password history is replaced with substitute text masking the password, and wherein the password management service does not permit the passwords to be exposed outside the secure enterprise environment, andprovide a password audit service interacting with the password management service, the password audit service receiving a request to audit the passwords, inspecting the password histories without accessing the passwords, performing the audit for the passwords for compliance with a policy without accessing the passwords, and generating reports, based on said auditing, to demonstrate whether particular users have complied or not complied with the policy, wherein the report masks the passwords and includes an indication as to whether the password complies with the policy and, when non-compliance is detected, a reason for the non-compliance. |