Working with Secrets

SecretStore Status
By default, a user's Novell® SecretStore® is unlocked. It gets locked if the enhanced protection feature is enabled and the administrator changes the user's eDirectory TM password.

If the user's SecretStore is locked, the following can unlock it:

Scenario: SecretStore is running on the server. The administrator has enabled SecureLogin's enhanced protection. Andre has at least one secret that resides in SecretStore. The administrator changes Andre's password and then tries to log in as Andre. SecretStore locks Andre's SecretStore. To enable Andre to log in, the SecretStore administrator clicks Unlock.

Master Password
A master password is useful if your secrets are locked and you can't remember your previous eDirectory password. By entering a master password, you gain access to your SecretStore.

By default, your master password isn't set. Only you can set your master password.

If the SecretStore client isn't installed and running on the workstation, you can't set a master password.

If you use SecureLogin with SecretStore, your master password is set when you create a passphrase answer in SecureLogin.

To set your master password:

  1. Make sure that you are logged in to eDirectory as the user (not as Admin or another role).
  2. Click Set.
  3. Type and confirm the master password.
  4. Type a hint that's easy for you to remember the answer to but one that isn't obvious to an onlooker.
  5. Click OK.

Secrets: Display
A shared secret follows a specific naming convention and format in its data. SecretStore supports two types of shared secrets: application shared secrets and credential-set shared secrets.

From the drop-down list, select how you want SecureLogin to display information about your secrets.

To create a new secret, select the type from the Display drop-down list, then click New.

To view information about a secret (for example, whether it's locked or has enhanced protection), select the secret, then click Edit.

To delete a secret:

  1. Select one or more secrets.
  2. Click Delete.
    If the secret is a shared secret, the secret is placed in a deletion-pending state. This state notifies SecureLogin to delete its data for this shared secret. SecureLogin then deletes the secret. If you purge the shared secret, SecureLogin re-creates the shared secret. Therefore, if you are using SecureLogin, click No on the Deletion is Pending dialog box. If you aren't using SecureLogin, click Yes to purge the shared secret.

Delete All
Deletes SecretStore, including your master password.

A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For more information, see Legal Notices.