TOOLS EVER 4 self service reset password management (ssrpm)

self service reset password management (ssrpm)
the single most common helpdesk call is a user requesting a password reset. particularly
after a holiday or vacation, users tend to forget their passwords and call the helpdesk
to have it reset. the problem occurs even more frequently when complex or difficult to
remember passwords are introduced. the large volume of helpdesk calls involving password
reset requests imposes a significant management burden on the it department.
Self Service Reset Password Management (SSRPM) by Tools4ever
enables end users to reset their own passwords by answering
several predefined challenge questions. This means users will no
longer have to wait for the helpdesk to handle their password reset
request. The primary benefits are:
2. End users confirm their identity by answering a series of
personal questions, such as “What was the name of your first
pet?”. The questions are those that the user answered when he
or she enrolled in the product.
 A 90% reduction in password related helpdesk calls
 End users remain productive because they don’t have to wait for
a new password
 An improvement in the helpdesk’s service level through 24/7
password reset support
 Elimination of password reset requests by unauthorized parties
 Compliance reporting via the SSRPM audit log.
When a user forgets his password, they take the following steps:
1. End users access SSRPM by clicking the ‘Forgot my password’
button in any login screen (Windows 7 or 8, Vista XP, Outlook
Web Access, Citrix etc.) or through a web page on the Intranet.
3. Optional: The user enters a pin code they received by mobile
phone or alternate e-mail address (Two Factor Authentication).
4. The user can unlock their account and/or enter a new password.
ssrpm consists
of three components:
 A central Windows service handles the SSRPM settings
(password questions, security settings etc.) and retains the
answers, in an encrypted fashion, to challenge questions
users had previously answered. The central service then
verifies whether the answers entered are correct and handles
the actual unlocking of accounts and password reset
 The addition of the “Forgot My Password” button to the login
screen of each application and a web site for the Intranet.
Through this interface, a request to unlock an account or reset
a password is sent to the central service.
 A management console allows systems administrators to
implement changes to the central service and monitor and
control the password process. SSRPM is a highly flexible
solution supporting virtually any imaginable configuration
option. Amongst other items, it is possible to define or
modify user questions, to define the complexity of answers to
questions (length, visibility, exclude words, exclude repetitions
etc.) and to determine who and which workstation is able to
access SSRPM.
system requirements
 Hardware:
Pentium 4 or higher, at least 1 GB RAM, at least 1 GB disc
space recommended.
 Software:
Windows 2000 or later, 32-bit and 64-bit, Windows Terminal
Server & Citrix supported
 Databases:
MS Access, MS SQL 2000 or higher (all versions)
technical features
 The solution can be operational in less than two hours
 End users are provided with instructions via the enrollment
 Configuration per domain or OU
 The GUI of the Admin Console, configuration and reporting
capabilities can be customized
 Password complexity can be modified
 A virtually unlimited range of options for setting questions
and answers, the length of answers, language choice, answer
complexity etc.
 Answers by end users are encrypted and stored in the SSRPM
 Ability to set various security levels, from weak to strong
 Support for authentication via e-mail (reception of a PIN code)
or SMS messages.
 Detailed reporting capabilities, e.g. status enrollment,
completed password resets, who provided an incorrect
answer, users blocked in SSRPM etc. The reports can also be
generated and made available on the Intranet or e-mailed to the
system administrators
 Multi-platform support; ability to reset passwords for virtually
any application or system
 Ability to generate e-mail notifications to managers in case of
a particular event, e.g. when a user repeatedly provides the
wrong answer to questions
 Secure delegation of a select number of SSRPM system
administration tasks to a helpdesk agent, e.g. to enforce the
re-enrollment of an end user
 Offline support: even when a user is outside of the network, he/
she can reset or unlock their password.