Skip to main content

Telephone Access to Self-service - Hitachi ID Telephone Password Manager

Hitachi ID Telephone Password Manager is a component of Hitachi ID Identity and Access Management Suite which is automatically enabled for every Hitachi ID Password Manager licensee.

Overview:

Telephone Password Manager is a turn-key telephone user interface bundled with the Password Manager credential management solution. It enables organizations to quickly and inexpensively offer self-service password reset, PIN reset and disk unlock to users over a telephone, without having to configure a complex IVR system.

Features:

Telephone Password Manager supports self-service management of authentication factors (credentials) and recovery of disk encryption keys over a telephone with:

  • User identification:

    Users who call Telephone Password Manager typically identify themselves by typing a personal identifier on a touch-tone telephone keypad. The identifier may be a pre-existing numerical ID, such as an employee number or a letters-to-digits mapping of an alpha-numeric ID, such as the user's network login ID.

  • User authentication:

    Once identified, users must be authenticated. Telephone Password Manager supports authentication with a hardware token (e.g., RSA SecurID), by asking the user to key in answers to numeric security questions using a touch-tone telephone keypad on their phone (e.g., driver's license number, SSN, date of birth, etc.) or using an optional biometric voice verification module.

  • Password reset:

    Once authenticated, users can initiate a password reset. This may be for one or all of their passwords and the new password may either be randomly generated and read out to the user or user-specified. New passwords may be set to expire after first use.

  • PIN reset:

    Authenticated users can also use Telephone Password Manager to reset the PINs on their RSA SecurID tokens. A randomly-generated or a user-specified PIN may be used.

  • Disk unlock:

    Users with a full disk encryption program protecting their computer can use Telephone Password Manager to automate the key recovery process in the event that they forgot the password that unlocks their computer.

  • Text to speech:

    Telephone Password Manager is normally configured to play .WAV audio files as asks for user input. It also includes a text to speech mechanism that makes it easier to develop new navigation menus and defer new voice recordings.

  • Speech to text:

    While text input into Telephone Password Manager is usually made with a touch-tone keypad, Telephone Password Manager can be configured to recognize small dictionaries of spoken words, so that users can make alphanumeric input by speaking the names of letters and digits.

  • PBX integration:

    Telephone Password Manager can be directly integrated into an existing PBX system, by installing the appropriate (to that PBX system) Dialogic telephony board on each Telephone Password Manager server.

  • VoIP integration:

    Telephone Password Manager can also be connected to a voice-over-IP network and configured to accept VoIP calls.

Benefits:

Telephone Password Manager lowers IT support costs and improves user service by enabling mobile, remote or locked out users to resolve problems with their password, hardware token or encrypted hard disk on their own, without calling the help desk.

Telephone Password Manager can improve the security of IT support processes by authenticating users with biometric voice-print verification prior to offering services such as password or PIN reset.

Installation Prerequisites

End user licenses of Password Manager 7.0 and later include the Telephone Password Manager module at no additional charge. Telephone Password Manager is a software solution which allows users to reset passwords and token PINs using a telephone.

To implement Telephone Password Manager, Hitachi ID Systems customers must provide:

  1. A Windows server where Telephone Password Manager will be installed. This can be the same server as the main Password Manager software or a similarly sized stand-alone server.

    Hardware configuration for this server is described at:

    http://Hitachi-ID.com/technology/server-hardware.html

  2. A Dialogic telephony board and/or software module suitable for the organization's PBX solution and sizing needs. This may be one of the following:

    1. Dialogic hardware for digital telephone systems, as described at:

      http://www.dialogic.com/products/tdm_boards/signaling/D42JCT-U_Boards.htm

      http://www.dialogic.com/products/tdm_boards/signaling/D82JCT_U_Boards.htm

    2. Dialogic hardware for analog telephone systems, as described at:

      http://www.dialogic.com/products/tdm_boards/media_processing/D120JCT_Boards.htm

    3. Dialogic software for Voice over IP (VoIP) phone systems, as described at

      http://www.dialogic.com/products/ip_enabled/hmp_software.htm

  3. At least a one-year support contract from Dialogic or its reseller(s) for the solution selected above, as described at:

    http://www.dialogic.com/products/services/default.htm

Note that it is Hitachi ID Systems' recommendation that customers select the VoIP HMP option if possible, as it is less expensive, easier to maintain and does not require any hardware.


Watch a Movie

User unlocks Windows password via telephone


Play movie

Content:

  • User locks out Windows login password.
  • User accesses self-service password reset via telephone.
  • User enters his network login ID using touch-tone input.
  • User gives numeric answers to security questions.
  • User selects one of several random password.
  • User signs into Windows with the new password.

Key concepts:

  • Access to self-service password reset despite being locked out of Windows.
  • User interaction via telephone, no client footprint.

page top page top