Citrix MetaFrame Password Manager provides SSO to applications running in a Citrix MetaFrame Access Suite environment and non-Citrix environments.

These applications can include the Windows desktop, plus proprietary, web-based and host-based systems.

It supports password, token, and biometric authentication methods.

The MetaFrame Password Manager Agent is installed where the password-protected applications are installed – meaning the agent can be installed on client workstations or on the MetaFrame Presentation Server. The agent takes over the authentication process between users and applications.

An agent installed on a single workstation may be configured for multiple users, and those users' credentials are stored locally encrypted.

When a user tries to access an application, the agent intercepts the application's request for authentication and submits the user's credentials to the application.

Credentials are also stored in a central repository, in shared folders, or Microsoft Active Directory. The agent synchronizes the local and central store, enabling users to access their credentials from any workstation, and users can manage their own logons. Remote and mobile users can access their credentials whether they are connected or disconnected from the corporate network, because credentials are stored locally.

The MetaFrame Password Manager Console offers a wizard interface for the administrator to create password policies, configure applications for SSO, and manage users' credentials and agent settings.

The console also extends the features of the agent, which has limited functionality without console configurations.

MetaFrame Password Manager offers a large set of preset application definitions, but you can easily add your own. Password Sharing Groups, in which several applications share a common password, ensure a change propagates to all other applications within the group.