Revealing the password of an app
The Password reveal feature allows end usersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. to see the passwords of their apps. This is especially useful if end usersIn Okta literature, we generally refer to "users" as the people who serve as Okta administrators. When we refer to "end users" we are generally referring to the people who the administrators serve. That is, those who use Okta chiclets to access their apps, but have no administrative control. need to reenter a long, complicated, and randomly-generated password into another device.
For this feature to to work:
- An adminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. must enable Password reveal for the particular appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in..
- The end user must have permissions to manage the app's password.
- End users cannot reveal the password of an app configured with shared credentials.
If this feature is enabled for the app, end users can do the following:
- Select the Settings icon for the app whose password you want to reveal. The App Name > Settings screen appears:
- Select the See Password tab; initially the Password field is masked.
- Click Reveal Password. The password is displayed. End users can now copy the password and paste it into another device.
- Okta stores the end user's credentials in an encrypted format using strong encryption combined with a customer-specific private key. When end users click an application icon, Okta securely posts their credentials to the app login page over SSL and the user is signed in automatically.
- For SWAAn acronym for Secure Web Authentication. SWA is a SSO system developed by Okta to provide single sign-on for apps that don't support proprietary federated sign-on methods or SAML. Users can enter their credentials for these apps on their homepage. These credentials are stored such that users can access their apps without entering their credentials each time. When users first sign-in to a SWA app from their homepage, they see a pop-up message asking if they were able to sign-in successfully. apps set to the Users share a single username and password set by administration option, only Super or App Admins can view or change the password; however, a Group Admin can use the Reveal password button to expose the password.
- The revealed password disappears after one minute. To show the password again, users click Reveal Password.
- If users have been logged in for longer than 15 minutes (or haven't clicked Reveal Password in longer than 15 minutes), they are prompted to reauthenticate with Okta. The app's password is revealed after reauthentication.
- This feature is not available for end users when any of the following app sign-on options are selected:
- Administrator sets username and password
- Administrator sets username, password is the same as user's Okta password
- Users share a single username and password set by administrator