SELF SERVICE PASSWORD RESET

See the drivers for self service password reset success

 

 

What is self service password reset?

That’s when the users reset passwords without personal assistance. User verification is done with alternate security credentials.

 

What’ self service password reset’s 3 overall benefits?

  • Higher end-user service and productivity

  •  Security and compliance

  • Service desk productivity

 

Why implement self-service of passwords?

self service password reset

The key value drivers for end-user services are:

  • User self service password reset available 24/7
  • Easy password service for BYOD users (password change and expiration)
  • Password reset for remote PC’s password cache
  • Increased productivity

self service password reset

The key value drivers for the service desk are:

  • Time to do important calls
  • Fewer calls = lower costs
  • Easier planning when Monday morning peaks stop

self service password reset

The key value drivers for compliance and IT-security are:

  • The avoidance of penalties and fines from authorities
  • The avoidance of the embarrassments of public data breaches
  • The avoidance of business losses from data breaches

 

Research proves that success is difficult to achieve

Market research from Service Desk Institute (SDI) shows, however, that many companies fight with the business case. They find it difficult to get user acceptance, and then it is only 20-40% of the password calls which are handled by self service). FastPassCorp has, however, many customer cases with very high adoption rates, so password self service success is achievable—when you have the right plan and process!

Successful Self service password reset with FastPass

Successful End-User Service

The profile of end-users has changed rather dramatically. Modern users bring their own smart devices (like smartphones and iPads) and expect to do their work and use the applications on these devices from anywhere and at any time they want. Additionally, users who use the smart-devices have basic password problems with their corporate systems. They are not notified of the expiration of their password (it only happens for on-domain PC users) and it is not obvious where to make the password change.

The simple solution with FastPass is to email password expiration notification to these users, and in the e-mail offer a link to the FastPass portal, where AD passwords can be changed easily.

Users with portable PCs have a special technical problem when they forgot passwords on a remote location like home, a customer’s site, in hotels, but still need to unlock PC. Even the best service desk can’t reset the password on the PC’s cache. This means that although the service desk can reset the password in Active Directory, the user can’t use his or her mobile PC anyway, as the old password remains in the PC. If this happens, the PC remains unusable until the user returns to the office (on a domain)—even an overseas trip can be wasted!

FastPass has a solution for the remote PC password-cache reset!

Service desk productivity

In fact, 86% of companies with password self service had less than 40% adoption or success rate. This means that in 86% of cases, users call in to the service desks with more than 60% of their password problems! This is the result of poor implementation, either technical or organizational.

Many factors are critical in resolving this issue:

  1. Proper change management and user education become critical.
  2. Senior management buy-in and sponsorship is of utmost importance. The CIO might even take the stance that no more password resets at the help desk are accepted! With this type of support, the uptake and utilization of the solution increase tremendously.
  3. The structure and permission given to the help desk may be inadequate.
  4. Analysis and design of the solution are important. No one solution will fit all organizations and proper analysis of the real business requirements is crucial. This will make the solution relevant to all stakeholders within an organization.

FastPass customers have often proved that adoption rates beyond 80%—even 85–95%—are achievable with the right solution and a best practice implementation.

Compliance and IT-security

For many years, it has been good practice to have relatively advanced password policies (complexity and length, short expiration, history to prevent repeat passwords, and so on), which prevent the theft of passwords. Passwords have been protected technically by encryption in transport and storage, so much has already been done.

At the same time, there has also been a very strong focus on cost reduction in all IT processes, including the service desk. In most companies, password calls must be handled quickly and efficiently. The result is now that many companies don’t even verify identity in place when a user calls for a password reset. Despite the presence of a lot of technical protection, getting a password to another user’s account is mostly quite easy.

Why a privileged user from the service desk or user administration department will give a password to a “wrong” user:

  • No authentication process is defined by management.
  • A weak authentication process is easy to bypass.
  • The privileged user is busy (it’s Monday morning) and hopes for the best.
  • The user on the phone charms or threatens the privileged user.
  • The privileged user is corrupt / criminal.

It happens! IDC cites other research from 2016 stating that 63% of data breaches are caused by some sort of password issue. IDC suggests using self service of passwords as the way to become compliant in the password process.

With an IT-workflow and “Best Practices,” companies can become compliant and prevent the serious risks associated with the misuse of passwords.

Read more about Best Practices for Self Service Password Reset to achieve 90% user adoption

Successful Implementation of Self-Service password reset tool

When the decision to implement password self service has been made, the fundamental question is how to help the project owner achieve their business case? Many will consider this an easy target, but the Service Desk Institute (SDI) found that this is far from the case. Success depends on the realization that users are involved, and password projects are not just a technical button!

The SDI survey identified the following inhibitors to success:

self service password reset

Motivation

We want users to change their habit of calling the service desk. The traditional thinking is to inform the users of benefits to them personally. Another important aspect is, however, to be honest about the expected results for the company: Higher productivity and improved security regarding passwords.

self service password reset

Enrollment

All self service password reset software must rely on an alternative method to authenticate, now that the user has forgotten their password. The alternative authentication must be known only to the user and the IT solution. This means that practically all valid authentication methods need the user to enroll.

self service password reset

Accessibility

Users must be able to do self service from the device they have or prefer to use. Large companies will often have different types of users coming from different types of places with different devices.

self service password reset

Authentication

The most common method for authentication in self service is challenge questions. The problem is that 20–40% of users can’t remember the answers to the questions from a standard list. To achieve a 90% success rate requires the introduction of other methods, such as TOTP solutions like Microsoft Authenticator, and token based like smart-cards for authentication to other systems.

self service password reset

Assistance

No matter how well a solution is designed or implemented, now and then users will get into situations where the only course of action is to call the service desk. FastPass’s HelpDesk Client helps the service desk to authenticate the user before giving the user a PIN code to re-enroll. Then when the user has enrolled, they can immediately reset their password through self-service and now will probably be able to serve themselves next time. 

self service password reset

Compliance

Compliance is becoming increasingly important, driven by the EU’s General Data Protection Regulation (GDPR) act. This means high and direct costs related to data breaches will hit many organizations in case of non-compliance with standard requirements. Making the process secure means it will take longer than usual. This will soon become known in the organization, and users will try harder to be successful with self service.

See a short introduction video on

Best practices for password self service

GET IN ONE CLICK!

Password reset self service and synchronization with FastPass

Think FastPass!

FastPass covers the important password manager processes for self service of passwords with a compliant and secure process for the facilitated password reset process in the service desk. The results are high productivity and ease-of-use for all types of corporations.

FastPass covers all types of passwords (Windows / SAP/ Oracle / IBM i, etc.). FastPass supports Active Directory and Azure Active Directory users.

Choose FastPass password reset solution.

Research proves that success is difficult to achieve

The Catch-22 problem with corporate password problems is that your device is probably locked when you have a password problem. Even though password calls are the most frequent call type in service desks, then the individual users on average only have a problem once per year! This differentiates self service passwords solutions significantly from other password self service portals. These facts probably explain the discouraging degree of success for the average password projects.

Only 8% of all respondents have reached their business objectives, and 56% were poor or worse according to the SDI research. The conclusion is obviously that a password management project must focus on the users’ behavior to be successful. Contact us to discuss how you can be successful.

Want more information about FastPass products, pricing or anything else?

We are here to help you!

Testimonials

”We strive continuously to improve our service. It is important to us to deliver modern and simple solutions helping customers to a more efficient operation. The cooperation with FastPass is yet another step in this direction”.

Mads Jacobsen
 Associate vice president

… seen an 80% reduction in assisted password resets. We’re very satisfied with the product. It has significantly freed us up from frustrating and unrewarding password resets

Oliver Holmes

Deputy Director, Technology and Operations

… The numbers have grown to the point that it would be impossible to operate in today’s busy environment without a password management service

 

 

FastPass handled 2,531 password calls, or more than 80% of the total password calls from all the users.

Per Kristensen

Project manager

 

…we have met our Customers’ Service and Cost Improvement challenges by reducing our call abandon rates by over 55% and our average wait times by over 60%, despite our overall budget being reduced.

Pete Townley

Lead Service Delivery

 

… about 90% use FastPass to reset their passwords. So we’ve seen a substantial reduction in calls to the help desk.

Winston Hughed

Vice President IT

 

We are very pleased with the product.  Fast pass has simplified password management and eliminated many password related calls

 

Chuck Mick

ERP Manager

Nyrstar has chosen FastPass to automate and improve the processes related to users’ forgotten passwords. This has improved user satisfaction and reduced the workload in the IT HelpDesk.

The number of forgotten passwords per involved user per year has dropped from 1,6 to 0,3. This is an improvement of 83%!

Hans Lauwers

SAP

 

… The numbers have grown to the point that it would be impossible to operate in today’s busy environment without a password management service

Haydn Tarr

IT Technical Lead & Coordinator

 

Our employees use it to synchronize their Windows password with their IBM i password when they need to be changed every 90 days due to compliance. We find this is a quiet, behind-the-scenes way for our employees to change and remember their passwords.”

Larry Marxen

Director of Information Systems

 

North America T: + 818 697 2308

Europe T: + 45 4810 0410

 

FastPassCorp A/S,  USA

FastPassCorp A/S, Gladsaxevej 376, st.th; 2860 Gladsaxe, Denmark

© FastPassCorp A/S. All Rights Reserved.

Logo of fastpasscorp, the self-service password management provider
Subscribe To Our Newsletter
No Thanks
Thanks for signing up. You must confirm your email address before we can send you. Please check your email and follow the instructions.
We respect your privacy. Your information is safe and will never be shared.
Don't miss out. Subscribe today.
×
×
WordPress Popup Plugin