Hitachi ID Bravura Pass includes an assisted password reset web portal, which allows IT support staff to help callers without having direct administrative access to target systems:

  • Support staff sign into Bravura Pass with a web browser.

  • Support staff can be authenticated using IDs and passwords internal to Bravura Pass or use pass-through authentication to an existing system.

    For example, support staff may sign into Bravura Pass using their Active Directory ID and password, with Bravura Pass validating the membership of each support technician in a designated AD security group and granting appropriate Bravura Pass privileges based on that group membership.

  • From the Bravura Pass web portal, support staff can search for the caller's profile by login ID or full name.

  • Support staff can be required to authenticate the caller -- for example by keying answers to some of the user's personal questions, which Bravura Pass can validate against its own back-end database or an external database, directory or web service.

    Note that the same, different or overlapping security questions can be used for assisted and self-service authentication processes.

  • Once both the support technician and caller have been authenticated, support staff can reset the caller's password, lock or unlock the caller's access to Bravura Pass or update the caller's profile. Assisted password resets may be configured to also expire the new password, requiring the user to change it on the next login.

  • All transactions -- IT support login, user profile lookup, successful or failed password reset and more may trigger e-mails to the user, to the support technician or to a third party, such as a security officer. The same events can also trigger automatic creation, update or closure of tickets in an incident management system.

  • Since only a single, simple web portal is used, an assisted password reset is normally completed in 1--2 minutes.

  • The right of one user to reset another user's password may be global (e.g., global IT support team) or based on the requester/recipient relationship (e.g., departmental or regional IT support can only assist in-scope users). Moreover, which passwords a given user can reset can be controlled by policy.

  • At no point in the process does an IT support technician require administrative access to the systems where passwords are being reset. Instead, Bravura Pass uses its own credentials to sign into target systems and these are encrypted in an internal Bravura Pass database.

Assisted password reset reduces the cost of password support calls and ensures that such calls are handled in a consistent, secure fashion.


After a password reset, or following any of 300 other types of events, Bravura Pass can create, update and close a trouble ticket in any of the following types of help desk systems:

  • Axios Assyst.
  • Atlassian JIRA.
  • BMC/Remedy ARS (4, 5, 6, 7).
  • BMC/RemedyForce.
  • BMC Service Desk Express (7.0, 7.5, 9.x).
  • BMC Footprints.
  • CA Unicenter Help Desk.
  • Cherwell ITSM.
  • Clarify eFrontOffice (8, 12).
  • FrontRange HEAT (5, 6, 7, 8).
  • HP Service Desk.
  • HP Service Manager (any version).
  • MS System Center Service Manager Console
  • Numara Track-It!
  • ServiceNow.
  • ... and more

Watch a Movie

Assisted password reset


  • The experience of a help desk analyst resetting passwords for a user who has forgotten his password or triggered a lockout.

Key concepts:

  • Help desk staff may be forced to authenticate callers, for example by prompting them with security questions and keying in their answers.
  • Help desk staff may be empowered or required to cause new passwords to be immediately expired.
  • “Behind the scenes,” a help desk ticket is normally created to record the service incident.