Frequently Asked Questions for P-Synch Users

What is P-Synch®?

P-Synch is the industry's leading password management solution. P-Synch helps organizations manage passwords and other forms of authentication more effectively to reduce IT support costs, increase productivity and enhance corporate security. P-Synch features include password synchronization, self-service reset, token management, biometric enrollment, certificate management and more.

P-Synch reduces the cost of password management using:

Password synchronization, which reduces the incidence of password problems for users
Self-service password reset, which empowers users to resolve their own problems rather than calling the help desk
Streamlined help desk password reset, to expedite resolution of password problem calls

P-Synch strengthens security by providing:

A strong, enterprise-wide password policy enforcement facility
Effective user authentication, especially for self-service and assisted password resets
Password synchronization, to help users remember, rather than write down, their passwords
The ability to securely delegate the right to reset passwords to front-line support staff
Accountability for password resets
Encryption of all transmitted passwords

To find out more about P-Synch, visit http://P-Synch.com.

How do I synchronize my passwords?

P-Synch helps users to maintain a single password across every system, as follows:

If transparent synchronization is deployed, whenever users change their Windows network password, all other passwords are automatically synchronized.
Alternately, users can synchronize all or some of their passwords from a web browser. Users sign into a P-Synch URL with their network login ID and password, type a new password and wait a few seconds for the new password to be applied to their various accounts.

Users normally receive an e-mail confirmation after password synchronization is complete, with either method.

I forgot my password -- how do I fix it?

In the event that a user forgets any of their passwords, the user can access P-Synch from a web browser (click on P-Synch on the Intranet), from their workstation login screen (type help for the login ID, leave the password field blank and press Enter), using a GINA extension DLL or service (new user interface element added to the workstation login screen) or by calling the help desk phone number and dialing the menu option for a password problem.

Regardless of how the user accessed P-Synch (web, login prompt, phone), they must sign in by typing their network login ID. The user will then be prompted to answer a series of personal questions. Once the user has answered enough questions correctly to satisfy the company security policy, they can select a new password for themselves. The new password will be applied to some or all of their login IDs in the next few seconds.

The user will receive an e-mail confirmation after the password reset is complete.

Why do I need to register, and how do I do it?

In some environments, users have to register with P-Synch to provide data such as Q-A (Question-and-Answer) profiles or to attach login IDs on systems with non-standard naming conventions to their profiles.

P-Synch manages registration automatically:

An auto-discovery process, executed nightly, reconstructs a master list of P-Synch users based on changes in the list of users on one or more authoritative systems such as Active Directory, Novell NetWare or LDAP.
P-Synch user profiles are tested for completeness -- a minimum set of Q-A (Question-and-Answer) data; login IDs on mandatory systems and so on.
Users whose profiles are incomplete may be asked to register. P-Synch normally prompts for registration by sending SMTP e-mails to users, with instructions and an embedded URL.
Controls are applied to limit the total number of registration requests nightly and the minimum interval between successive registration e-mails to a single user.
Users register by clicking on the URL in their invitation e-mail, signing in with their network login ID and password and filling in the blanks on one or two web forms.

This process is fully automated and unattended. It is secure, since sensitive information, such as passwords or PINs, is never transmitted over an insecure channel (e-mail).

This process is configured to minimize load on the help desk and e-mail delivery system (maximum registration invitations per day).

This process is configured to minimize nuisance to individual users, by ensuring that reminders to register are not too frequent.

This process is effective and reliable, since users are reminded to register until they comply.