If you forget your password for your PC when you are travelling, your PC is absolutely locked until you get back to your company domain, where the service desk can help you. This might be days later with lost productivity and business as result. Unless the user can do self-service for password reset or password un-lock.
You have however at least two technical challenges when you want to let users have self-service of passwords from remote locations, which even might be from home:
If you are at a place where you can get an internet cable, then Windows will accept the connection even though the users hasn’t logged in yet (which is the case when the password is forgotten). Often however your only chance for internet connection is via Wi-Fi. This connection is not standard supported by Windows before the user is logged in, even when it is the usual Wi-Fi internet connection.
In this case you need the self-service of passwords solution to establish the Wi-Fi connection. You will have a number of different scenarios from your usual Wi-Fi at home to a first time Wi-Fi. Be sure that the solution you choose will support the situations your users meet.
There is a special case in many public places and hotels, where Wi-Fi connection needs a password to be entered from a browser session. Opening for access to a new browser before Windows have started for real imposes many security threats and must be avoided. The best option for such situations is to benefit from the fact that practically all users have a smartphone. Making a Wi-Fi connection to the user’s smartphone will circumvent all difficulties with unknown Wi-Fi connections.
With internet connection established it is possible to get to the password self-service portal and change the password at Active Directory if you have a self-service PC-client. To log-in to the PC requires however that the new password is synchronized from AD to the PC password cache. This only happens automatically if the PC is connected to the domain!
For users outside the domain the self-service tool must establish a VPN kind of connection for Windows to make the synchronization. When the synchronization has happened, the user can return to the Windows log-in screen and use the new password that he just reset himself.
Conclusion: You can give your users the tool to reset PC-passwords from distant and uncommon remote places, giving confidence that even a forgotten or locked password can’t spoil the trip!! To see FastPass’ solution for the remote users: FastPass Wi-Fi
In some situations – like access from external networks – or for some users with access to criticval…
In some situations – like access from external networks – or for some users with access to criticval systems, we will require strong authentication.
Strong authentication is also called 2-factor authentication, as it must combine 2 authentication methods of the standard 3 types:
Strong authentication is actually easy to implement in passwords self-service systems.
All FastPass products have user’s free choice of authentication, 2-factor authentication and advanced logging and reporting.Help me choose
More info: Password security and compliance
We made a survey with many members from LinkedIn ITSMF groups. We asked 5 questions: How do you aut…
We made a survey with many members from LinkedIn ITSMF groups.
We asked 5 questions:
You can see the answers in this post LinkedInHelp me choose
More info: Self-service password issues
With self-service of passwords it is possible for organizations with the modern solutions to make …
With self-service of passwords it is possible for organizations with the modern solutions to make authentication methods fit with the realities of users, where different users must have different but still secure authentication. It is even possible to have users select the authentication method in the forgotten password situation!
With good logging it is furthermore possible to monitor exactly how users authenticate.Help me choose
More info: Password
We found that FastPass was the only solution in the marketplace with the capability to deliver a fully-fledged solution that we could use for all of our customers. A solution is only good once deployed and we see that the new service based on FastPass is highly popular among our customers. We tested several products in the market and found that the FastPass product stood out clearly as the best product thanks to the easy implementation, single point of management and rich feature set. FastPass supports our strategy of the very best customer experience regardless of the time of day, says Per Werngren, CEO at IDE.
"The Portuguese Parliament was looking for a self-service password reset/unlock solution. We surveyed the market, and found some expensive and complex solutions. Then we discovered FastPass, which seemed to address all our requirements. We did a pilot installation, and were very pleased by the ease of use for both the administrator and the final user interface. We were even more pleased with the low cost for such a complete product. After we acquired the product, installation was a breeze and FastPass support helped us promptly in all our issues and questions. We had the product in full production in about one week after installation and initial testing. Now our users have a simple method to unlock/reset their passwords without contacting helpdesk, at any time of day or night and from everywhere they have Internet access."
Varde City Council needed to improve service for end-users working outside normal business hours, and wanted at the same time to reduce number of calls to the internal IT department. With more than 100 password related calls each month, Varde decided for FastPass to give users self-service for passwords. Varde has two priomary passwords : Windows/AD and an extermnal password from an IBM mainframe (KMD). With FastPass users now have self-service when a password is forgotten or lost. Within less than 3 months more than 80-85% of calls are now handled by users. See the comments from Lea Dragsbæk
Sonoco realized the need to reduce Help Desk expenses and quickly identified password resets as a target call volume. Sonoco had already made a large investment in their identity and access management infrastructure and they wished to capitalize on that with minimal additional investment. Sonoco and Logic Trends collectively identified FastPass’s Password Manager product due to the low licensing cost, low maintenance effort and strong integration with the Microsoft infrastructure.
Faced with a compliancy requirement from our US parent company, we surveyed the market for a tool that would help us to come into line with section 404 of the Sarbannes-Oxley Act, which requires our users to authenticate themselves to the environment and have the ability to manage their own passwords.
Exactly 21 days before the compliance date we found FastPass Password Manager with a connector to our AS/400 environment.
IT Intergroup worked with us to get the FastPass solution in place and we were compliant a week ahead of schedule. All our users are now able to authenticate and resset passwords from a simple browser interface
In the spring 2009 Tulsa Public Schools decided to implement FastPass Password Manager from FastPassCorp. IT-manager Kirk Damron says: "We needed to reduce the load on our Help Desk from numerous calls related to forgotten passwords". With 8000 employees and teachers and increasing complexities in passwords, the ‘forgotten password’ workload was significant.
Kirk Damron adds: "We needed a solution which was easy to implement and administrate, and easy to use for the end-users. FastPass has proved to be just that!"
Installation and implementation was done in just one day, and the continued roll-out to users has been effortless.