Passwords are the fundamental protection for the user, to control what his ‘user-id’ performs in the IT-systems! Modern password policies help protect the passwords against outsiders' attempts to get hold of the password.
No chain is however stronger than the weakest link, and in password protection the password reset process is vulnerable! We have unfortunately often heard from service desk employees that they trust users calling in and requesting a new password. No authentication takes place!
This is not acceptable from a management and not even a user point of view. The answer is solid authentication. This is true for as well self-service as for manned operations. From our dialogue with customers and interest groups we see the following authentication methods being used for users who have forgotten their password:
As can be seen from the above, all different authentication choices have inherent challenges or weaknesses. An additional major management challenge is how to monitor that the service desk actually does exactly as the authentication process describes!! If you limit the privileged rights to the service desk, so password reset only can occur through FastPass (and not through privileged Windows accounts), then all password resets can be monitored!
In some situations – like access from external networks – or for some users with access to criticval…
In some situations – like access from external networks – or for some users with access to criticval systems, we will require strong authentication.
Strong authentication is also called 2-factor authentication, as it must combine 2 authentication methods of the standard 3 types:
Strong authentication is actually easy to implement in passwords self-service systems.
All FastPass products have user’s free choice of authentication, 2-factor authentication and advanced logging and reporting.Help me choose
More info: Password security and compliance
We made a survey with many members from LinkedIn ITSMF groups. We asked 5 questions: How do you aut…
We made a survey with many members from LinkedIn ITSMF groups.
We asked 5 questions:
You can see the answers in this post LinkedInHelp me choose
More info: Self-service password issues
With self-service of passwords it is possible for organizations with the modern solutions to make au…
With self-service of passwords it is possible for organizations with the modern solutions to make authentication methods fit with the realities of users, where different users must have different but still secure authentication. It is even possible to have users select the authentication method in the forgotten password situation!
With good logging it is furthermore possible to monitor exactly how users authenticate.Help me choose
More info: Password
We found that FastPass was the only solution in the marketplace with the capability to deliver a fully-fledged solution that we could use for all of our customers. A solution is only good once deployed and we see that the new service based on FastPass is highly popular among our customers. We tested several products in the market and found that the FastPass product stood out clearly as the best product thanks to the easy implementation, single point of management and rich feature set. FastPass supports our strategy of the very best customer experience regardless of the time of day, says Per Werngren, CEO at IDE.
"The Portuguese Parliament was looking for a self-service password reset/unlock solution. We surveyed the market, and found some expensive and complex solutions. Then we discovered FastPass, which seemed to address all our requirements. We did a pilot installation, and were very pleased by the ease of use for both the administrator and the final user interface. We were even more pleased with the low cost for such a complete product. After we acquired the product, installation was a breeze and FastPass support helped us promptly in all our issues and questions. We had the product in full production in about one week after installation and initial testing. Now our users have a simple method to unlock/reset their passwords without contacting helpdesk, at any time of day or night and from everywhere they have Internet access."
Varde City Council needed to improve service for end-users working outside normal business hours, and wanted at the same time to reduce number of calls to the internal IT department. With more than 100 password related calls each month, Varde decided for FastPass to give users self-service for passwords. Varde has two priomary passwords : Windows/AD and an extermnal password from an IBM mainframe (KMD). With FastPass users now have self-service when a password is forgotten or lost. Within less than 3 months more than 80-85% of calls are now handled by users. See the comments from Lea Dragsbæk
Sonoco realized the need to reduce Help Desk expenses and quickly identified password resets as a target call volume. Sonoco had already made a large investment in their identity and access management infrastructure and they wished to capitalize on that with minimal additional investment. Sonoco and Logic Trends collectively identified FastPass’s Password Manager product due to the low licensing cost, low maintenance effort and strong integration with the Microsoft infrastructure.
Faced with a compliancy requirement from our US parent company, we surveyed the market for a tool that would help us to come into line with section 404 of the Sarbannes-Oxley Act, which requires our users to authenticate themselves to the environment and have the ability to manage their own passwords.
Exactly 21 days before the compliance date we found FastPass Password Manager with a connector to our AS/400 environment.
IT Intergroup worked with us to get the FastPass solution in place and we were compliant a week ahead of schedule. All our users are now able to authenticate and resset passwords from a simple browser interface
In the spring 2009 Tulsa Public Schools decided to implement FastPass Password Manager from FastPassCorp. IT-manager Kirk Damron says: "We needed to reduce the load on our Help Desk from numerous calls related to forgotten passwords". With 8000 employees and teachers and increasing complexities in passwords, the ‘forgotten password’ workload was significant.
Kirk Damron adds: "We needed a solution which was easy to implement and administrate, and easy to use for the end-users. FastPass has proved to be just that!"
Installation and implementation was done in just one day, and the continued roll-out to users has been effortless.