Enterprises should demand better
- A single system to manage all authentication factors.
- Integrations with all of their major systems and applications.
- Support for mobile users -- SSPR, cached credentials, etc.
- Integration with user provisioning, for "instant-on" capability.
- Integration with federation/WebSSO, for "login here, access app there" capability.
- Support for smart card PIN reset (note: this can never be done via a telephone).
- Support for token PIN reset.
- Support for hard drive key recovery.
- Support for collecting old and distributing new PKI certificates.
- Many authentication options: passwords, security questions, tokens, smart cards, biometrics, cell phones.
- Many enrollment options: security questions, biometrics, phones.
- This is much more than just SSPR!
- This is AUTHENTICATION MANAGEMENT.