Password Reset tool for Active Directory, Entra (Azure AD) and more

Easy for end-users to access and use, available as Cloud and On-premise, a quick, flexible and complete SSPR solution

Read on for easy 4 steps to reach 90%+ adoption rate for on-premise or cloud solution [close to 2 million users] and the configuration and security features of the leading solution - FastPass SSPR.

Self service password reset is one of the most efficient solutions any support organization can initiate. About 20-30% of all calls to a service desk are related to passwords. Improved end-user service level and reduced workload are attractive for any service desk manager and IT-operations manager. The prerequisite for success is dependent on users' acceptance rate of using self service password reset tool.

FastPass offers functionality and a best practice guide that secures our customers' more than 90% adoption rate.



  • Force whenever applicable
  • Automatic emails for the rest


  • From Domain PC: Pre Windows credential provider
  • From external domain PC’s: With PC password cache reset
  • WEB-portal for guest PCs
  • Responsive design for all smart devices


  • When users call anyway the service desk agent must have assistance for authenticating users
  • Users should have a PIN to re-enroll in self-service and not a password


Question / answer method made for user experience

  • Private and semi-private answers for security questions
  • Standard questions
  • Individual personal questions
  • Bulk update of corporate data is possible, but not recommended

PIN-code push

  • For mobile phones
  • For e-mails (private)

Smart cards

Commercial methods like DUO, RSA

TOTP generally available

  • Microsoft authenticator
  • Google Authenticator

Country or industry-specific

Combine above to make multifactor authentication MFA

Active Directory Self Service Portal


Contact Us image

Contact FastPassCorp to discuss solutions to your situation

FastPass for Enterprise

offers all of the above for as well the customer who needs an on-premise solution and for customers wanting to go Cloud. The solution is even available for managed service providers as a multi-tenant solution for customers and cloud users!

The FastPass best practice SSPR passwords guide is a clear checklist on how to implement FastPass and reach +90% adoption and success rate.

This is however not enough to guarantee success. All installations are unique and the solution must adapt to the real requirements for user convenience and company IT-security requirements.

A reasonable term for this is CONFIGURABILITY! 

Configurability considerations for active directory password reset tool software. Below is just a short overview of some of the decisions to be considered.

6 STEPS TO SUCCESS: Password Self Service


FastPass V4 - Secure Enterprise Passwords

FastPass V4 brings comprehensive password protection to secure organizations. Making passwords complex, avoiding the use of dictionary passwords and popular phrases as part of the password, changing the password regularly, and protecting the password processes will make your organization unattractive to hackers.

The nature of passwords is to make IT systems SECURE!

The security of a software application does not only depend on the software; but also on the complete security of the IT infrastructure. When it comes to IT infrastructure FastPassCorp cannot dictate to customers how to configure. We will however promise that we in documentation and consulting recommendations will inform how you can configure your IT system to protect your FastPass data and processes in your infrastructure.

Protecting the integrity of data

  • Using SSL to connect to AD makes the communication secure. Requires Security Certificate where encryption is RSA with key 2048 or 4096 bits.
  • Internal system encryption is based on AES256 which is the strongest with .net
  • Sensitive data are stored in the database using encryption is based on AES256 which is the strongest with .net
  • User data can be hashed in addition to encryption to completely protect user data
  • All sensitive data such as the users’ answers and questions are all AES 256 Bit encrypted.
  • The FastPass TrackEngine makes sure no one can intercept and repost data.
  • Internal communication from Front-end to Back-end to Gateway is only possible using trusted SSL certificates and only from selected IP addresses
  • Password can be stored encrypted (AES 256Bit Encrypted) in the FastPass Database. This enables a set of features to tighten security regarding password history. For example the minimum number of differences to any previously used password.

Preventing access to user’s FastPass account

  • Notification to the user of authentication attempts using Question/Answers
  • A user cannot answer the same challenge question twice or have the same answers
  • FastPass always checks if a user is still enabled and active in AD before the user can use FastPass (FastPass does not enable users)
  • After 3 failed attempts users are locked in FastPass (not in AD), Service Desk assistance is needed to unlock the account again.
  • CAPTCHA protection against robotic attempts is included.

The Best Practices for security and protection of FastPass access will include the following actions:

  • The fundamental component is the installation of FastPass WEB-services in DMZ.
  • Hardening of the DMZ-server according to the FastPass Hardening documentation
  • Demand 2-factor authentication for users coming from WAN
  • User notification of password reset
  • Notify users via SMS and e-mail that their FastPass account has been used – eg. when authentication fails.
  • Use only SSL/TLS versions that are PCI-Compliant

For extra secure environments, the following aspects can be evaluated

  • Only allow access to through the Windows Client on remote PCs (Blocks the browser interface)
  • Demand remote devices to present a trusted device/user certificate
  • Allow Enrollment only from the LAN
  • Limit the IP address scope allowed on the WAN-side

Made Best for Users

In today’s environment, users expect fast self-service for any issues they might have with IT. As the most frequent issue is active directory password reset calls, then IT self service must include an Active Directory password self-service functionality. This will resolve users’ issues faster than calling a service desk. It can even turn critically if the problem appears outside the working hours of the service desk.

FastPass Self Service Password Reset Active Directory portal lets you start for an advanced and automatic platform for Windows Active Directory passwords. You can later add functionality as your requirements increase. You might also consider FastPass Cloud.

FastPass basic functions are based on a self-service WEB-portal where users are able to unlock their Active Directory account or reset their forgotten active directory password. Different ways of authentication are available: challenge questions, SMS-Pin codes, Google and Microsoft authenticators or other. Even 2-factor authentication can be dynamic! Access to the portal is from any device with a standard browser – smartphones included. Users get assistance to make the new password according to password policy. The user can select the end-user language from more than 40 different languages.

For more details on functionality see FastPass SSPR Features.

Optional Features and Facilities

Many organizations can improve the self service Active Directory password reset business case and user satisfaction by adding more advanced functionality to FastPass.

  • With FastPass PC-client users get access to the portal from a locked Domain PC with a credential provider. This is the most usual situation for end-users experiencing problems with passwords. No need to go to another device to access the WEB-portal!
  • Enrollment is key to user adoption rates. With FastPass PC-client users are forced to enroll!
  • Non-domain users can be invited to enroll by FastPass automatic e-mail enrollment service.
  • HelpDesk client is available for the service desk support for those users who call for support anyway. It speeds up the service and increases security.
  • For users with corporate PC’s who access the system from the external network (from home or travel), the Remote PC-client enables FastPass to reset the PC-cache password. This can’t be done by the service desk with traditional tools and is an extraordinary value.
  • Organizations with multiple Active Directories can handle this complexity in the extended version

How does a Self-service password reset solution SSPR work?


When the authentication is accepted the user must make his new password. For user convenience, the password policy must be visible to help the user make a compliant password. As the user compiles the different policy elements can turn green to show the user that the password is OK. 


FastPass is of course also available from external PC’s via WEB-access and for smartphones and tablets. 

Microsoft Password Reset

Microsoft password reset (in other words, when user forgot windows passwords) is traditionally done by the service desk using their privileged passwords for Active Directory.

Better productivity and service is achieved with an AD SSPR tool like FastPass SSPR . Customers with FastPass SSPR are successful with password self service because of the following qualities in the service:

  1. Users who need to enroll can easily do with “forced enrolment or with the FastPass automatic e-mail enrolment service and Service Desk tool.
  2. Access is needed from all type of devices from internal and external networks. The devices can be corporate PCs, smartphones, tablets, and general browser access to the FastPass Password Reset Portal.
  3. Authentication must be both easy and secure at the same time. You can configure if you want single or multi-factor authentication MFA. FastPass supports:
  • TOTP codes
  • SMS pins to the users phone
  • Email pin codes
  • Microsoft Authenticator and Google Authenticator
  • DUO
  • Okta
  • SAML
  • MitID
  • Manager Approval
  • Colleague Approval
  • Radius
  • RSA
  • Safenet
  • Codecard
  • Smart cards
  • Standard question and answers in different manners, preloaded or answered when enrolling
  • Users’ own questions and answers
  • Other options
  • Assistance from the service desk if the user is unable to do self service

FastPass supports Active Directory and Entra (Azure AD) Active Directory users and also resets passwords in SAP, Oracls, MSSLQ, IBMi, IBM z/OS, Google, eDirectoty, LDAP, Tivoli, Linux, Unix, Generic options, over SSH/API.

What our customers are saying about us

The biggest businesses in different industries trust FastPassCorp

“We have seen an 80% reduction in assisted password resets. We’re very satisfied with the product. It has significantly freed us up from frustrating and unrewarding password resets.

We can quickly ensure our students receive the very best in learning and teaching.

I highly recommend FastPass. It is a comprehensive, enterprise solution with very high end-user acceptance. It is certainly a best in breed product— clearly focused on providing secure password management. FastPassCorp offers excellent service and a technically robust solution. “


Oliver Holmes - Deputy Director, Technology and Operations

Nyrstar has chosen FastPass to automate and improve the processes related to users’ forgotten passwords. This has improved user satisfaction and reduced the workload in the IT HelpDesk. The number of forgotten passwords per involved user per year has dropped from 1,6 to 0,3. This is an improvement of 83%!

“We have worked with FastPass for nearly 3 years now, and we have reached the objective for our project. As being one of the first FastPass SAP customers we had some initial challenges. FastPassCorp delivers however very dedicated and qualified support and we have for several years been very satisfied. Recently we decided to extend FastPass to all our international users, and will then reach 5.000 users.”


Hans Lauwers - SAP Technical Analyst

NNIT has chosen FastPass based on its versatility, as it is able to fit different customer requirements for end-user functions and technical specifications. It is a strategic order for FastPassCorp, rewarding its focus on the MSP version of FastPass for large international outsourcing and MSP companies such as NNIT.

”We strive continuously to improve our service. It is important to us to deliver modern and simple solutions helping customers to a more efficient operation. The cooperation with FastPass is yet another step in this direction”.


Mads Jakobsen - Associate vice president for NNIT

Protect your Passwords today with FastPass

Get in touch with us today by filling up the form and our team will get back to you as soon as possible.

Scroll to Top