Self Service Password Reset Tools

Resetting forgotten login passwords of domain users is a crucial bottleneck, which a help desk technician has to handle as a routine. A password reset ticket or a forgotten login password has to be addressed within minutes in-order to avoid employee downtime and productivity loss. It is estimated that atleast 40 percent help desk tickets are related to password resets and on an average each change password ticket is time consuming (about 20 minutes) thus prevents the helpdesk from focusing on more pressing issues.

A self service password reset solution that allows an end user to self reset his domain password in windows active directory remotely from a web browser without calling the helpdesk is an essential requirement. A self service password reset and management solution not only reduces the number of help desk password tickets but also enhances the productivity of an end user by averting unnecessary and prolonged waits.

Watch these steps in action

Password Reset DEMO

Self Reset passwords securely from a web browser

With ADSelfService Plus, domain users can self reset their ldap active directory password securely with ease by answering a set of self configured validation questions. ADSelfService Plus further allows an Administrator to:

• Empower all domain users to proactively and securely self reset / change login passwords with ease from the web portal.
• Free the helpdesk of password service queries and allow them to concentrate on more pressing issues.
• Allow all users to reset their domain login passwords from any where within the LAN (Remote password reset from a web browser).
• Ensure security on empowerment by validating each domain user during enrollment.
• Allow domain users to set questions which are comfortable and relevant for themselves to answer like mother's maiden name, color of car, name of pet dog and more on enrollment.
• Configure the limits for enrollment quiz.
• Notify users on soon to expire password.
• Set stronger password policies in Microsoft windows Active directory, and comply with your audit requirements and be least worried of any increase in ticket volumes.

Self Reset Passwords at the press of Ctrl+Alt+Del Keys!

Gina/CP Client Software

To bring about user self-password reset at the press of Ctrl+Alt+Del keys, ADSelfService Plus provides its administrators with the GINA/CP client software, an extension of MS GINA, which comes with the additional functionality of displaying Reset Password/Unlock Account button in the Winlogon ("Ctrl+Alt+Del") screen. For more details on GINA/CP client software, click on Managing Passwords Using ADSelfService Plus - GINA/Credential Provider

Reduce helpdesk costs

Deploying additional helpdesk employees though considered by most IT Managers / Administrators will address the ticket volumes for login password resets. In the long run, the costs to maintain additional workforce will exceed the return on investment, and the quality of work a helpdesk performs. ADSelfService Plus self service password management software provides an ever in demand solution where any domain user can reset his own password from a web-based console from a remote location in the LAN, the ldap password reset tool eliminates the need to call a help desk technician and in-turn the cost associated with it.

Identity Verification in ADSelfService Plus

For any password self-service software, the foremost duty is to establish the identity of the user requesting password self-service. ADSelfService Plus employs two techniques in order to verify and establish the identity of a user:

• Security Questions and Answers method
• SMS/E-mail based ID Verification method

In the first case, the user answers a set of predefined security questions and in the second method, the user has to successfully reproduce the verification code sent to his mobile or e-mail id to establish his identity. You can choose to exercise both these user identification methods for enhanced security. Learn more about the need and benefits of Identity Verification process.

Enrollment with ADSelfService Plus

Domain users are protected from destined/accidental reset of domain login passwords by other users when using the service. The self password reset software allows only those users who are enrolled in it by answering a set of hint question and answers and/or by entering their mobile number and e-mail id to perform a self password reset.

The simple enrollment process involves selecting preferred challenge questions from an available list of questions or adding self framed challenge questions like 'what is your mothers maiden name', 'what is the color of your car' or any other question which the domain user feels specific to him and will challenge any other unauthorized user from detecting his/her password identity. The answers provided to the questions at the time of enrollment by the end user are stored in ADSelfService Plus and are compared for verification of the end user at his next login. If a mismatch occurs the user is not permitted to perform self service password management functions and is prevented from logging in the web portal.

The Limits for the validation questionnaire include :

• Maximum and Minimum lengths of the questions.
• The type of questionnaire (open ended or from a drop down menu)
• The number of questions that an end-user is allowed to frame.
• The maximum and minimum length for an answer.

The limits are set by the administrator from the admin console of the self password reset software and notified to all users in the Windows Active Directory. The self service reset password management solution has a built in bulk emailing utility to notify all users present in the configured domain to enroll themselves. Any domain user can perform a password reset or account unlock once enrolled with the password reset tool by answering the validation questionnaire.

Administrators can also choose to enable SMS/E-mail verification code check. Enrollment is not required should you choose only SMS/E-mail verification code, as ADSelfService Plus automatically collects the required information (mobile number and e-mail id) of the user from Active Directory.

Possible Password Tickets an Administrator or Help Desk encounters Day to Day from End Users

• I forgot my password.
• Forgotten my windows login Password.
• I am not able logon into my account.
• Someone has changed my windows xp password I want to reset it.
• Someone has changed my password admin please help.
• I am not able to login into my account with my domain password.Admin please help.
• How do I recover my account? How do I change my login / logon password?
• I have shared my password identity with my fellow employee and want to change it to a new password How do I change my password in the Active Directory?
• Can I use my neighbors machine and change my domain password using a web browser ?

The above are few examples of the routine password queries that administrators and delegated help desks have to face which can be eliminated by using ADSelfService Plus - Self Service Reset Password Management Solution.

Notification on Soon to Expire Passwords

Schedule reports on soon to expire passwords and also notify users by email. ADSelfService Plus automatically emails users on the time of password expiry at regular time intervals as scheduled by the administrator from the admin console of the password reset software alerting users to reset login password. Alarming an end user well ahead of time on a soon to expire login password ensures that account lockouts are minimized to a bare minimum.

Multi-platform Password Synchronizer

Synchronize Windows Active Directory password reset made using ADSelfService Plus across multiple platforms. When a user makes changes to his Windows Active Directory password using ADSelfService Plus, the changes are automatically reflected in other systems too. This way, users will only have one password to remember for all the systems they have access to, and you can ensure that the new Windows AD password set by the user is automatically updated across different platforms without any intervention from the user or administrator. Learn more about Password Synchronizer.

Confirm with Audit requirements

A self service password reset solution coupled with periodic notification on soon to expire passwords heightens the confidence of an administrator to set more complex password policies in the Active Directory. Setting complex password policies helps confirm to Audit requirements. More on active directory password compliance.

Automatically Reset Expired Domain User Password

ADSelfService Plus with its advanced functionality allows an automatic reset of passwords at scheduled intervals of time if configured in the Admin Portal by the administrator. An automatic scheduled reset of password enables smooth and efficient password policy enforcement. More on automatic password reset.

Some other benefits of ADSelfService Plus - Self Service Reset Password Management