Book Demo!

Password Rotation in a Context

Privilege Account Management (PAM) workflow uses automated policy driven password reset for the following purposes

  • Minimise number of users who know the password
  • Minimise number of accounts with elevated privileges
  • Minimize number of hard coded passwords in process automation software
  • Ensure that users utilize central place with permission controls, notifications and audit logging to access privileged accounts, servers and IoT devices
  • Maintain strong unique passwords for multiple privileged accounts
  • Reduce a number of factory or image default passwords
  • Control access to privileged accounts using a central management portal

XtonTech Xton Technologies Privileged Account and Access Management Automated Password Reset Rotation

Three Components of the Password Reset Process

Password reset process configuration involves three basic components.

  • Password Reset Formula
  • Password Reset Policy
  • Password Reset Strategy

Password reset formula defines the strength of the password in terms of the password length, requirements to include certain characters in the password (such as a number, upper or lower case letters, special characters), limitations on password history reuse and some other settings. Record types (like all unix or windows host records) define generic reusable password reset formula for all records of this type with the option for each individual record to overwrite password formula settings.

Password reset policy specifies the moment when the system has to reset password. The options for policy include periodic password reset (guided by the number of days or weeks before the next reset) and event-driven password resets such as a requirements to reset password after the record created, updated or some user unlocked the password. The policy also includes the option for the record owner to initiate a password reset on demand. For the simplicity of the configuration the system applies the same policy for all records located in the same folder with the option to override policy for an individual record or a subfolder.

Password reset strategy dictates the software algorithm to use to reset the password. The options include direct remote connect using device remoting API interface or GUI-based console login. The strategy also includes the option to use a shadow account to reset the password that cannot change its own password and also the option to use custom PowerShell, Visual Basic or Shell script for password reset. Like in the case with password reset formula the default password reset strategy could be defined for all records of a certain record type with the option to override it for an individual record.

Video Demonstration

Watch the video demonstration below to see how password reset formula, policy and strategy work together to ensure security of the privileged accounts in the network


About us

Xton Access Manager is an agentless, cross-platform privileged access management solution with unlimited licensing model built from the ground up with an enterprise feature set. Simple to implement, without your typical enterprise cost and effort.

Please fill out this form to receive a download link to get started today with free 60 days trial. Documentation is available to help. You can email or call us to request a trial extension, ask questions and share your feedback. We would love to talk to you.

    Please fill out the form below to download Xton Access Manager.

    What interests you most about Xton Access Manager?

    Trial registration may take up to 30 seconds to complete. Please do not Refresh this page after submitting.


    Categories: xton

    Mark Klinchin

    I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

    Related Posts


    How to enable Windows Remote Management using domain policy

    Xton Access Manager (XTAM) uses Windows Remote Management technology to execute jobs such as password reset on the remote Windows computers. WinRM is enabled on the windows computer using the following command executed from command Read more…


    Configuring Windows Server NLB for Multi-Node Deployment

    Configuring Windows Server NLB for Multi-Node Deployment Architecture This article discusses details of Windows Network Load Balancer (NLB) configuration to balance two or more XTAM Server nodes. Earlier we discussed XTAM Server multi-node architecture built Read more…


    The Challenge of Multi-Factor Authentication and Shared Accounts

    Recently, I wrote about the importance of combining multi-factor authentication (MFA) and privileged access management. According to 2018 Global Password Security Report, 45% of organizations are already using two-factor authentication (2FA) and the 451 Group Read more…

    Copyright © 2020 Xton Technologies, LLC. All rights reserved.