Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

[How To] Break Glass Password Checkout from an iOS Mobile Device

11 April,19 at 11:50 AM


Centrify Infrastructure Services (Privilege Service) can securely store account and password combinations for local accounts.


 In a break glass scenario, an authorized user can checkout a password using the Centrify mobile app.

The password can subsequently be checked in manually or automatically after a set period of time and potentially rotated if it is a managed password.



 The following are prerequisites for password checkout to be available to users:


  •  Centrify Portal with Infrastructure Services
  •  User in a Centrify role with privilege service administrative rights
  •  User with view permissions to relevant Systems and view and checkout permissions for the Accounts in the 
    Centrify portal


The following steps will enable an authorized user to checkout and check-in passwords using the Centrify App on an iOS mobile device:


1. Enroll user's iOS device to the Centrify Portal:


     A mobile device enrollment can be initiated from the Centrify User Portal Devices tab by clicking on Add Devices




     Alternatively, the Centrify App can be downloaded and installed directly from the Apple App Store: 




2. Open the Centrify App and log in with user credentials for accessing the Centrify Portal:




3. Enroll the mobile device:




4. Click on the dropfown menu and open the Systems tab:







5. Select a system with the account password to be checked out for the break glass scenario:





6. Click 'Checkout' to display the password


     Note: The App will prompt for a PIN to be set for the Centrify App if one has not already been set.

     Fingerprint authentication using Touch ID can also optionally be enabled:






7. The password can be checked  back in manually using the Checkin button or will automatically check-in after a configrable period of time and in the case of a managed password be rotated so it is no longer known to the user: