Many organizations depend on self-service technologies in general and self-service password reset in particular to lower the cost of IT support by moving problem resolution out of the help desk and into the user community.
Traditional self-service password reset solutions offer a web-based process where a user who has forgotten or locked out his password can identify himself, authenticate with something other than the lost or locked password -- for example, by answering a series of security questions -- and reset or unlock his password.
Since users who forgot their primary Windows password cannot launch a web browser, two additional user interfaces are commonly deployed -- first, a GINA extension DLL (on Windows XP) or a Credential Provider (on Vista or later) allows users to access self-service from their PC's login screen. Second, an integrated voice response (IVR) system may allow users to reset or unlock their passwords using their telephone.
These solutions have worked well for years, but two important market trends are making them inoperable:
- Many organizations are deploying full disk encryption. This means that users may forget or lock out the password used to activate their PC, before an operating system even boots up. Self-service in this case means encrypted drive unlock, not password reset.
- Many organizations have an increasingly mobile and telecommuting workforce. Their users sign into their laptops using locally cached passwords. When the help desk resets a remote user's password, the change cannot propagate to the local cache, so the login problem is not resolved. These users have to physically visit an office and attach their PC to the corporate network before their login problem can be resolved.
This document explains how Hitachi ID Password Manager addresses these important problems and enables modern organizations -- who have a mobile and/or remote workforce and who deploy full disk encryption -- can continue to realize the benefits of self-service password-reset, PIN reset and key recovery.
To the best of Hitachi ID Systems' knowledge, no other commercially available password management or identity management software is able to address these issues.
2018-11-14 - J.S.