Enterprise Password Management Software
Application-to-Application Password Management
Eliminating hard-coded passwords
For Application-to-Application or Application-to-Database communication that happen without human intervention, normally organizations define the access permissions in one application (say Application 'A') and hard-code the passwords to access the Application 'A' in scripts or embed them in the calling application (say Application 'B') itself.
These hard-coded passwords pose a significant security threat as malicious users getting access to the script could easily decipher the password and unleash disaster.
Password Manager Pro provides effective ways to eliminate the hard-coded passwords. If you have applications in your infrastructure that require connecting to other applications using a password, they can query PMP to retrieve the password. One application (say Application A) would contact the PMP for the password to access another application (say Application B). On getting the password, 'A' would contact 'B' and all these have to happen without human intervention.
This way, the application-to-application (A-to-A) passwords can also follow good password management practices like periodic rotation, without the trouble of manually making the updates at many places. Same procedure can be used for Application-to-Database password management (A-to-DB).
PMP provides Password Management APIs using which any enterprise application or command line script can programatically query PMP and retrieve passwords to connect with other applications or databases.
PMP provides two flavors of the API for this purpose:
Both the forms use PKI authentication for allowing access to the PMP application through the API. The XML-RPC API also comes with a Java Wrapper API to make it easy for integrating it with Java applications.
"Password Manager Pro is an excellent choice for password management.
Don Garvey, Director of Operations BlueVault, USA.