Features Self-service Password Reset
Hitachi ID Facebook Page Hitachi ID Twitter Page Find us on Google+ Hitachi ID YouTube Page

Self-service Password Reset - Hitachi ID Password Manager

(1)Users who have forgotten a password or triggered an intruder lockout can sign into Hitachi ID Password Manager using other types of credentials to reset their password or clear the lockout. Non-password authentication options include security questions, voice biometrics, smart cards, hardware tokens and random PINs sent to a user's mobile phone using SMS.

Access to self-service is available from a PC web browser, from the Windows login screen, using a telephone or using the mini web browser on a smart phone.

Users can authenticate to self-service password reset or PIN reset system using any combination of the following mechanisms:


Watch a Movie

Locked out Windows 7 user accesses password reset software


Play movie

Content:

  • A user has either forgotten his password or triggered an intruder lockout.
  • The user's PC runs Windows 7.
  • The user wishes to unlock his account without calling the help desk.

Key concepts:

  • Access to SSPR is available as a credential provider (CP).
  • The CP can be installed on Windows Vista and Windows 7 workstations.

Locked out Windows XP user accesses password reset software


Play movie

Content:

  • A user has either forgotten his password or triggered an intruder lockout.
  • The user's PC runs Windows XP.
  • The user wishes to clear an intruder lockout or reset a forgotten password.

Key concepts:

  • Access to the self-service password reset solution (SSPR) is available as service installed on Windows XP workstations.
  • The password reset service is not a GINA DLL. Instead, it adds UI elements to the native GINA on the fly.
  • This architecture is less risky than installing a DLL into the GINA DLL chain.

Locked out Windows user resets own password (no software footprint)


Play movie

Content:

  • A user has either forgotten his password or triggered an intruder lockout.
  • The user's PC runs any version of Windows.
  • The user wishes to unlock his account without calling the help desk.

Key concepts:

  • Access to SSPR is available using a secure kiosk account.
  • This approach eliminates the need to install any software on the PC.
  • The trade-off is a special domain account, typically called help which every user can sign into but which has minimal security entitlements.

Self Service Anywhere™


Play movie

Content:

  • A user forgot his primary Windows login password.
  • The user is away from the office and the corporate AD password is cached locally.
  • The video shows how the user can reset the forgotten password -- from the PC login screen, over WiFi+VPN and get back to work.

Key concepts:

  • Users are increasingly mobile.
  • Mobile users sign into their corporate laptops with cached domain credentials.
  • If a user forgets his Windows password while away from the corporate network, the IT help desk cannot help him, as they cannot access the cached password.
  • Using Self-Service, Anywhere, Password Manager allows mobile users to reset forgotten passwords even while away, enabling them to get back to work before they return to the office.
  • Without this technology, a remote user who forgot his password cannot user his PC until he returns -- a major business interruption.

User Interfaces

Self-service password reset is available from a full screen or mobile phone web browser, from the PC login prompt and from a telephone, as described here.