Self Service Reset Password Manager

Enables end-users to securely reset their own Active Directory passwords

With the Self Service Reset Password Management solution, end-users now have the ability to securely reset their own Active Directory passwords without having to involve highly technical helpdesk professionals. SSRPM lowers end-user downtime; end-users no longer have to wait for a member of the helpdesk staff to reset their password. It raises helpdesk efficiency, the staff now has more time to focus on other issues rather than tying up valuable resources on the time consuming task and mundane of resetting passwords. Most importantly, SSRPM increases overall IT security, it eliminates false password reset requests and allows IT to track the password changes that are being made by end-users.

More Screenshots »

Top 5 Reasons to Download SSRPM

Efficiencies and Cost
There will be fewer calls to the helpdesk, which will allow the IT department to focus on more critical issues, leading to increased efficiencies and better utilization of staff skills and abilities

Compliance
The system admin has the ability to track which employees have enrolled and which have not, guarantees password policy enforcement, and it also allows for the tracking and reporting of all user password changes

Productivity
Increases end-user productivity by eliminating the downtime waiting for the helpdesk to reset a password. Increases overall helpdesk productivity allowing staff members to work on other projects rather than dealing with password reset management

Technology
User friendly GUI / GINA extensions make it easy to start the reset process. In addition, there is an ASP web interface password reset form available for remote users or for kiosks. SSRPM also provides multiplatform support and multilingual support

Security
User defined challenge questions verify the user’s identity eliminating the risk of fraudulent password reset requests

Every organization faces several common challenges in password management. With Self Service Reset Password Management IT administrators are now able to address these issues with ease. Some of the most common problems faced by IT departments in password management are listed below; Self Service Reset Password Management is the one solution for them all.

The Problem and The Solution

Common Password Management Problems

Frequent password reset requests to the helpdesk:
- Use of highly qualified IT staff resetting user passwords
Security risks:
- Outside individuals requesting a password reset
- Unenforced password strength requirements
End-user downtime:
- Loss of productivity while waiting for IT staff to reset passwords

The Solution

With SSRPM there is less involvement of the IT staff and an increase in overall network security. IT staff members will also have more time to focus on higher level issues, maximizing their skill set, and elevating the professional image of the IT department.

How does it work?

1. The SSRPM User Client Software

Based on a GPO on an OU/domain, a small piece of software will need to be installed on each workstation in the corresponding OU/domain. This software communicates with the central SSRPM service to allow end-users to reset their passwords and adds an extra "Forgot my password" to the standard Windows logon dialog.

When the end-user logs on, the software will check with the central SSRPM Service to verify enrollment. If not enrolled, the end-user will automatically be asked to enroll. The administrator can allow end-users to skip the enrollment step. If the end-user hits the button “Forgot my password” and the end-user has enrolled, the software will retrieve the set of questions and answers from the central service and the end-user can start the process of resetting their password. The final password reset is performed by the central SSRPM Service.

After the reset, the end-user can log in immediately using the logon dialog.

2. SSRPM Service

The central SSRPM service stores all security question answers in the SSRPM database (as an MD5 encrypted irreversible hash value) and processes the reset password requests. The service is installed during the installation process of Self Service Reset Password Management. For a successful installation, the service must have access to a Windows Domain Controller. The service is managed by the SSRPM Admin Console.

3. SSRPM Admin Console

The SSRPM Admin Console is operated by the sys admin and the helpdesk. It guides the sys admin through the installation of the central SSRPM service. The admin console also assists in the enrollment process and in monitoring service events (for instance: password resets or end-user enrollments) during normal operation through the SSRPM Dashboard and several overviews.

Self Service Reset Password Management is shipped out-of-the-box with the features listed below. The 30 day trial version is fully functional. Tools4ever welcomes suggestions for future releases. Please send your request to feature request SSRPM and we will carefully consider your request. The features below are available in the current release:

Features

General

"Forgot my password" button on the login dialog.
End-users can reset their password and unlock their account without logging a helpdesk request
Enrollment is integrated in the user login. If a user logs on when he/she is not yet enrolled, he/she will be asked automatically to enroll
Password is reset and account is unlocked in Active Directory, other platforms and applications will follow shortly
Mutli-platform support: UNIX, Linux, Novell, and more

System Administrator Features

Easy to use wizard interface to implement SSRPM into the organization
SSRPM can be configured on domain or OU level
Configurable number of questions and answer attempts
Password complexity confirmation suggestions when an end-user resets his/her password. Like "Make sure that your password is 7 characters long and includes at least one capital letter and one lowercase letter"
Fully integrated logging and reporting of all SSRPM actions in the network by console and end-users
System administrator can be notified when an event occurs (for instance when a user enrolls or rests his/her password)