View managed password history

Administrators might need to disclose a password for a managed user account from a specific point in time. Commonly you need to disclose passwords to restore a machine from backup, when the current managed password will be different from the latest password stored within Local Security. Thus administrators need to view the password history for a managed account.

Local Security Solution (LSS) provides password history via the Resource Manager console or the Help Desk console (for details, go to Resource Explorer Console and Help Desk Console).

View password change report from Resource Explorer

To view your password change report, do the following steps:

  1. In the Thycotic Security Manager, click the Policies tab.
  2. In the file library in the left pane, navigate to Policies > Thycotic Solutions > Local Security > Resources > Local Users. 
  3. In the right pane, right-click a local user and click Resource Manager.
  4. In the Resource Manager, click the Data tab.
  5. At the bottom of the left pane, click the Event Classes bar.
  6. In the file library, navigate to Data Classes > Security Management > Password Change.
     
  7. In the right pane, right-click a report in the Changed column, and then click Show Historical Password.
     

The password disclosure screen will then display the randomized password for the specified date and time. 

View password change report from the Help Desk console

To view the historical password, do the following steps:

  1. Open the Help Desk console.
  2. Select a Computer.
  3. Click a Managed User.
  4. Click to show Historical Passwords.
  5. Select a timestamp and then click View Historical Password.

A historical password disclosure will be logged within LSS the same way a current password disclosure is logged.