This site requires JavaScript to be enabled
External Customer KB > General > Smart Passwords
Smart Passwords
Article: KB0010514 Published: 07/13/2023 Last modified: 07/13/2023

OneLogin's Smart Password function allows you to capture user passwords from one directory and provision them to another, enabling graceful migration between multiple directories.

There are two types of Smart Password:

  • The global Smart Password eases migration from a third-party directory to OneLogin's own user directory, securely allowing users to avoid having to do a password reset when you transition into OneLogin.

    It does this by capturing a hash of a user's password in OneLogin any time a user authenticates against a remote directory like Active Directory, LDAP, or G Suite. The hash is stored in OneLogin but not the password itself, meaning that your users can authenticate securely without their passwords being exposed.

    Global smart passwords can be enabled in your your OneLogin account settings.

  • The remote directory Smart Password enables migration from one third-party directory another, for example from your Active Directory to an LDAP directory.

    In this case, OneLogin caches a hash of a user's password when the user authenticates successfully to OneLogin against the first remote directory, and then provisions the password to the second. The password itself is never stored in OneLogin.

    You can enable this feature when you configure the receiving remote directory in OneLogin.


Expand/Collapse Comments
:     
Was this helpful?
YesYesNoNo