Self Service Reset Password Management
Enable End Users to Reset Their Own Active Directory Password Securely
Tools4ever’s Self Service Reset Password Management (SSRPM) is a software solution that allows end-users to reset their password on the basis of a number of simple, predefined questions. The ‘Forgot My Password button’ is integrated into the standard Windows Logon screen and supports a number of platforms.
With SSRPM, system administrators have total control over the password management process, from creating the personal questions to establishing the number of questions that must be answered correctly. With SSRPM, the time-consuming process surrounding password reset is greatly reduced or even eliminated from IT departments.
Click here to learn how end users to easily reset their own passwords.
» Download test version
» Request quote
» Online demo request
Self Service Reset Password Management with GINA Integration
On average, 25% of the calls to a helpdesk are estimated to be password-related, such as resetting forgotten passwords. The IT staff are burdened with resolving these calls, resulting in an increased administrative load for the IT department. At the same time, the end-user also wastes time and is less productive, because he or she is locked out of the network temporarily.
This results in frustration for both the end-user and the system administrator or helpdesk. Thanks to SSRPM from Tools4ever, the IT department is less burdened with these duties and can focus on resolving more critical calls.
References
Customers who use Self Service Reset Password Management include:
Macmillan Cancer Support
Harrison College
South County Hospital
Language Support
SSRPM supports several languages, namely English, Dutch, French, German, Spanish, Italian, Portuguese, Polish, Czech and Russian.
24/7 Availability
End-users can reset their password 24 hours a day, including weekends and holidays. This is in contrast to the availability of the IT helpdesk.
Own Password Policy
The system administrator has total control over the password policy. For example a complex composition of the password with at least 7 characters or at least 1 uppercase letter. Various password security levels can be configured, from weak to strong.
Advanced Authentication
SSRPM’s Advanced Authentication module can be used to expand the set of personal verification questions with an additional layer of security in the form of two-factor authentication. Two-factor authentication is achieved by expanding the set of questions (knowledge) with a code sent using a text message (physical identification token). Besides texting codes, it is possible to mail the code to the user’s personal email address. The texting and email options can be set for each user group.
Reversible Encryption
It is possible to configure SSRPM to encrypt the answers instead of creating a hash. The advantage of using reversible encryption is that it is possible to use the Helpdesk Caller Identification web interface.
Questions Configuration
System administrators can modify the number and content of the test questions themselves. This also applies to the number of attempts the end-user may make to enter the details correctly.
Reversible Encryption
It is possible to configure SSRPM to encrypt the answers instead of creating a hash. The advantage of using reversible encryption is that it is possible to use the Helpdesk Caller Identification web interface.
Helpdesk Caller Identification Web Interface
This web interface is intended for helping the helpdesk authenticate users, without the user telling the helpdesk their complete answers to the questions.
Secure Interface
End-users are authenticated on the basis of a number of predefined questions. Administrators can decide themselves how many incorrect answers can be entered before someone is blocked from using the application.
Login Possible Anywhere
It’s possible to reset passwords from any workstation. SSRPM integrates the ‘Forgot My Password button’ in the organisation’s logon window or a web portal.
Multi Platform Support
SSRPM supports Windows, Unix, Mainframe, Novell, Lotus Notes, AS/400, Citrix and a variety of web applications like OWA and NFuse.
Clear and Adaptable Design
The SSRPM Admin Console offers system administrators an overview of all relevant information, such as end-users who have not logged on, an overview of the number of incorrect answers for a new password, and an overview of the current SSRPM status. The GUI, configuration and reporting abilities can be tailored to meet your organizational requirements.
Integration with Other Tools4ever Solutions
The web interface of SSRPM is able to show password complexity rules defined by Tools4ever's Password Complexity Manager (PCM) and check if the new password meets the requirements defined by that policy.
Saves Time and Money
Deploying SSRPM enhances the efficiency of the helpdesk and because end-users can modify their own passwords directly, they remain productive. It also reduces the number of calls to the helpdesk to near zero. SSRPM has been proven to reduce the number of helpdesk calls regarding reset password by as much as 90%.
Improved Service Level
End-users can reset their passwords easily and at any time (24/7). Remote users don’t have to wait for the helpdesk to release the accounts. With SSRPM, the helpdesk service window for resetting passwords is simply increased from office hours to 24/7.
Better Security
By posing the predefined and pre-answered questions to establish the identity of the end-user, the risk of fraudulent requests for password resetting is avoided. This is often a major improvement over the current situation where an end-user can call the helpdesk and a minimal methodology of checking is carried out. Is the caller who he says he is?
Fulfils Compliance
Because all the actions of SSRPM are recorded in an audit log, standard management reports can be generated with SSRPM, particularly for organizations having to work with SOX, HIPAA, SEC and GLBA requirements.
Out-of-the-Box Solution
SSRPM installation is possible in less than two hours.
Software Requirements
| Operating System | Type | Version |
|---|---|---|
| Windows 2000 | 32 & 64 bits | SP4 or higher |
| Windows 2003 | 32 & 64 bits | all versions |
| Windows 2008 | 32 & 64 bits | all versions |
| Windows XP | 32 & 64 bits | all versions |
| Windows Vista | 32 & 64 bits | all versions |
| Windows 7 | 32 & 64 bits | all versions |
| Supported Databases | |
|---|---|
| Database | Version |
| MS Access | all versions |
| MS SQL 2000 or higher | all versions |
| Supported Remote Desktop |
|---|
| Windows Terminal Server |
| Citrix |
| SSRPM Website |
|---|
| IIS 6.0 |
| ASP.NET 2.0 |
Minimal Hardware Requirements
Processor: Pentium III (Pentium 4 or higher recommended)
Memory: 512 MB RAM (1 GB or more recommended)
Hard disk space: 256 MB (1 GB or more recommended)
Depending on the exact configuration and used components the system requirements may vary.
SMS Authentication
To enforce strong (two-factor) authentication, it is possible to prompt end users to enter a PIN code during the password reset process. This PIN code will be sent to a mobile number previously specified by the user.
The main benefit of this type of authentication is that SSRPM is secured more effectively. In addition to providing answers to personal questions, users must have a personal physical device at their disposal (the mobile phone) to receive the pin code.