Hitachi ID Bravura Pass offers a unique set of technologies, collectively referred to as Self-Service, Anywhere™. Using these technologies, users can resolve problems with their passwords, smart cards, tokens or full disk encryption software both at the office and off-site, from any endpoint device.

Self-service, anywhere™ automates problem resolution in a number of technically challenging and business-critical scenarios:



Business impact
Mobile users are not notified by Windows when their passwords are about to expire. Users who infrequently connect their laptop to the office network, instead checking e-mail with a solution such as Outlook Web Access, suffer regular password expiry and require frequent password resets.

Hitachi ID Bravura Pass sends users e-mails warning of imminent password expiry. Users change passwords using a web browser. An ActiveX control refreshes the password on their laptop.

Fewer login problems that cause a work interruption. Lower IT call volume and support cost.



Business impact
Laptop users sometimes change their password before leaving the office and may forget the new password when they need to use it while not attached to the corporate network. Without a technical solution, the IT help desk cannot resolve these users' problem until they return to the office. User laptops are rendered inoperable until they return to the office.

A Bravura Pass client software component allows users who forgot their primary, cached Windows password and cannot sign into their PC to connect to the Internet over a WiFi hotspot or using an air-card. Users locked out of their PC login screen can also establish a temporary Internet connection using their home Internet connection or a hotel Ethernet service. Once the user's laptop is on the Internet, Bravura Pass establishes a temporary VPN connection and launches a kiosk-mode (full screen, locked down) web browser. The user steps through a self-service password reset process and Bravura Pass uses an ActiveX component to reset the locally cached password to the same new value as was set on the network back at the office.

Forgotten passwords are a major work disruption for mobile users, since they cannot be resolved until the user visits the office. Bravura Pass allows users to re-enable their laptop in minutes.



Business impact
Many organizations deploy drive encryption software to user PCs. This helps prevent data compromise in the event that a laptop is lost or stolen.

Drive encryption software is often configured to prompt the user to type a password before the OS boots up -- a very secure configuration. This password is often synchronized with the user's AD password.

Unfortunately, when users forget their pre-boot password, the unlock process can be quite tedious, as it requires that the user calls the help desk, authenticate themselves and then exchange cryptographic challenge and response codes with the technician on the phone. These can be frustrating and costly IT support calls.

Most drive encryption programs include an unlock process at the PC boot prompt. This normally involves a challenge/response process between the encryption software, the user, an IT support analyst and a encryption software's central server. Bravura Pass can front-end this process using an integrated telephony option, so that users can unlock their PC 24x7, from any location and without calling the help desk.

Drive unlock is an essential IT support service for organizations that have deployed drive encryption. Bravura Pass lowers the IT support cost of these incidents by moving the process to self-service.



Business impact
Organizations deploy smart cards to strengthen their authentication processes. Users typically sign into their PC by inserting their smart card into a reader and typing a PIN. If users forget their PIN or leave their smart card at home, they cannot sign into their PC. PIN reset is a complex support process since the new PIN has to be physically installed on the user's smart card. This means that IT support may trigger a physical visit to the help desk.

Bravura Pass allows users to access a self-service web portal from anywhere, including from the locked out login screen of their laptop, even away from the office (even using WiFi, as described earlier). Once a user signs into the self-service portal, Bravura Pass can download an ActiveX component to the user's web browser, to communicate with the smart card and reset the forgotten PIN. Bravura Pass can also be used to assign a user a temporary login password (often a very long and random one) to be used in the event that a user left his smart card at home.

While forgotten PINs are infrequent -- PINs are not usually set to expire -- when they do happen, they are extremely disruptive. Assigning temporary passwords is just as important for users who left their smart card at home, which happens quite often.

Watch a Movie

Self Service Anywhere™


  • A user forgot his primary Windows login password.
  • The user is away from the office and the corporate AD password is cached locally.
  • The video shows how the user can reset the forgotten password -- from the PC login screen, over WiFi+VPN and get back to work.

Key concepts:

  • Users are increasingly mobile.
  • Mobile users sign into their corporate laptops with cached domain credentials.
  • If a user forgets his Windows password while away from the corporate network, the IT help desk cannot help him, as they cannot access the cached password.
  • Using Self-Service, Anywhere, Bravura Pass allows mobile users to reset forgotten passwords even while away, enabling them to get back to work before they return to the office.
  • Without this technology, a remote user who forgot his password cannot use his PC until he returns -- a major business interruption.