EmpowerID's Privileged Access Management (PAM) feature allows you to protect and manage any type of credentials used within your organization to include privileged accounts that are not computer logins. In EmpowerID, these type of credentials are known as "non-computer" or "shared" credentials. Non-computer credentials are vaulted user names and passwords that can be requested and checked out by users to access the specific applications and other resources authorized by those credentials. When you vault a non-computer credential, you specify the type of credential you are vaulting and link it to the Shared Credential policy for that credential type.
When a request for a non-computer credential is approved, users check out the credential to access the resources authorized by the credential. When the user is done with the credential—or the allocated time frame for using the credential has expired—the credential is checked in. Depending on the policy associated with the credential, the password may or may not be reset by the EmpowerID system.
If the Default Access Duration in Minutes setting on the policy to which the credential is linked has been reached, the EmpowerID system automatically checks in the credentials and terminates the users access to those credentials. If more time is needed, the user will need to request access again.