Username and password authentication

Username and password authentication can be used as a simple authentication method. It is usually considered a weak authentication scheme because the credentials are static, i.e. they are the same for multiple logins.

With IAM 7.7 support for both combined and separate username and password pages in flow authentication was introduced.

In many cases, username and password are combined with a 2nd authenticator factor to form a strong 2-factor authentication scheme.

• IAM supports the following password-related concepts:
• Password repositories
• Secure password hashing
• Password policies
• Password change self-service (mandatory and voluntary)
• Password reset self-service
• Password management for helpdesk/user admin
• Password letter generation
• End-to-end password encryption

• Configuration in the JSP-Loginapp: Username and password in the JSP-Loginapp
• Configuration in the Loginapp REST UI: Authentication REST API