Enabling application passwords
Application passwords can be used to provide a secure login for applications that do not support forms-based authentication. For example, they can be used to access applications that require passwords on a mobile device or for organizations that use federated identity and service login passwords are not used. When you enable application passwords, you also have the option of requiring the use of application passwords, and of allowing mobile users to bypass IP restrictions.
About this task
You can also disable the use of application passwords at any time. Then, if users have created an application password, the application cannot be accessed because the password is no longer effective.
Organizations that do not use federated identity can disable the use of the standard service password for mobile applications.
Procedure
Results
- If enabled, users can generate an application password for the IBM® Traveler.
- Application passwords can be shared across mobile products, including IBM Traveler, IBM Sametime®, and Connections Cloud.
- If you did not select the option Require applications to use application passwords to access this site, then using an application password is optional for users. However, if you have IP range restrictions enabled, they will not be able to log in using their service password unless they are within the IP range.
- Application passwords are generated by the service when requested by users. The generated passwords displays to the user only once, and cannot be recovered.
- Users can revoke and generate a new application password at any time. There is no limit to the number that can be generated.
- Passwords are generated using cryptographically strong random number generator. They are 16 characters long, and not case sensitive. Users should enter the password once into their device and allow the device to save the password.
- If there are ten failed login attempts, the account is locked for three minutes.