XID Conversions

Secondary accounts (XIDs) have been created in a legacy way with shared passwords, no password expiration, and no two-factor authentication (2FA). Currently, there are roughly 2000 legacy XID accounts that pose a security risk and are not compliant with the existing account security policy. This project will convert existing XID accounts into passwordless accounts which will reduce the risk of account compromises and bring XID accounts into compliance with the security policy. Additionally, new operational processes will be developed and implemented to maintain passwordless XIDs, and self-service options will be explored. This provides an opportunity to clean up unused accounts. This project seeks to improve security through organization and reducing reliance on legacy on-prem systems.