Next PDF

swipe to navigate

Solutions Using Password Manager

Of the above solutions, the first three require no special software. Hitachi ID Systems offers software for each of the remaining alternatives:


Hitachi ID Software Offering

Notes and Recommendations

Mobile Access

Reset the password using an app on the user's phone.

A proxy server, hosted in the cloud, must broker communication between the user's phone, which is connected to the public Internet and typically has no VPN connection and the on-premises Password Manager server.

IVR password reset

Either extend the call flow in an existing IVR system or deploy Hitachi ID Telephone Password Manager, included with Password Manager, to allow users to reset forgotten passwords via phone call. Authentication may be via touch-tone input, speech to text or biometric voiceprint matching.

This mechanism is especially helpful to reset forgotten PINs to OTP tokens, which are often used to sign into the VPN.

Domain secure kiosk account (SKA)

Allow users to sign into their network-attached PC with a generic domain account, such as "help" (typically with no password). Launch a kiosk-mode web browser instead of the Windows desktop, to connect users to the password-reset system.

Two drawbacks: the user must be on-premises and a generic account is created on the network. One advantage: easy to deploy.

Credential Provider (CP)

Adds a new tile to the Windows login screen, used to launch the Login Assistant, which enables access to self-service for locked out users.

Very popular, especially with VPN integration to support off-site users.

Choosing the Right Solution

Ultimately, the choice of technology and business process solutions to the "locked out of login prompt" problem is up to Hitachi ID customers. Password Manager technology supports every technically possible solution.

Next PDF

Comment via LinkedIn