Using an interactive web page to change passwords has educational benefits but requires user awareness and cooperation.
Password change and/or synchronization from a web browser works as follows:
- User: decides to change his password(s) or has been prompted
to by e-mail or a "web pop-up" during the login process.
- User: manually or automatically opens a web browser, navigates
through the Intranet to the Password Manager application.
- Password Manager: authenticate the user, typically with a current password.
- Password Manager: prompts the user to enter a new password.
- User: types a new password, selects some or all accounts.
- Password Manager: validates password quality, possibly
returns the user to previous step.
- Password Manager: resets the password on selected systems
to the new value.
- Password Manager: displays a status page to the user.
- Password Manager: creates a ticket on an incident management system.
- Password Manager: sends the user a confirmation e-mail.
Users do not normally volunteer to change their own passwords. A process for reminding users to periodically change their passwords is described here.
Watch a Movie
Reminder to change passwords
- A user is reminded, via e-mail, to change passwords.
- Users never volunteer to change passwords.
- Mobile users are not reminded to change passwords by Windows, so an e-mail helps them avoid lockouts.
- An interactive web UI can educate users about password policy and in-scope systems, so is often preferable to the Windows "Ctrl-Alt-Del" UI.