Self-service Password Reset
0 likes1,790 views
PortalGuard is a contextual authentication platform offering a centralized self-service password reset (SSPR) solution designed to enhance usability while maintaining security, auditing, and compliance. The platform supports various features including two-factor authentication, mobile access, and offline user recovery, making it adaptable for diverse user needs. Key benefits include reduced password-related help desk calls, greater user empowerment with self-service capabilities, and seamless integration with existing systems.
Self-service Password Reset
- 1. Understanding PortalGuard’s Centralized Self-service Password Reset: From the Web and Windows Desktop Highlighting the Self-service Password Reset Layer of the PortalGuard Platform
- 2. By the end of this tutorial you will be able to… • Define PortalGuard • Understand the challenges to finding the right self-service tool • Discover PortalGuard’s Centralized Self-service Password Reset • See the Step-by-step Authentication Process • Know the Technical Requirements
- 3. The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications. Usability Security • Single Sign-on • Knowledge-based • Password Management • Two-factor Authentication • Password Synchronization • Contextual Authentication • Self-service Password Reset • Real-time Reports/Alerts
- 4. Before going into the details… • Exact same user interface for both the Web and Windows Desktop • Support roaming - challenge questions stored in central server location • Password reset from an iPad or mobile phone • Use two-factor authentication to further verify user’s identity • Support disconnected/offline users - using password recovery • PortalGuard supports any LDAP compliant directory • Encrypted drives are supported • Tiny footprint on the Windows desktop • Side-car mode - add self-service functionality to existing login screens • Verbal Authentication to prove caller’s identity
- 5. Supporting users can prove taxing…
- 6. Shopping for the right tool can be challenging… What are your requirements? What are your budget and Help Desk costs? Are the vendors I’m looking at offering up-to-date features? • Disconnected/Offline user support • Auditing • Mobile phone support
- 7. Self-service password reset is… The process that a user initiates to prove their identity with the end goal of resetting their password. Self-service password recovery is… The process that a user initiates to prove their identity with the end goal of obtaining the current password value without changing it. + OTP
- 8. PortalGuard’s SSPR… Is flexible and offers a complete solution which has evolved with industry demands.
- 9. PortalGuard’s SSPR… Is flexible and offers a complete solution which has evolved with industry demands. • Password Reset • Password Recovery • Account Unlock
- 10. PortalGuard’s SSPR… Is flexible and offers a complete solution which has evolved with industry demands. Disconnected/Offline Password Recovery
- 11. PortalGuard’s SSPR… Is flexible and offers a complete solution which has evolved with industry demands. OTP
- 12. FEATURES
- 13. General Features: • Provides password reset, recovery and account unlock • Disconnected/Offline user support • Forced user enrollment (optional) • Integrates with AD, Novell eDirectory or any LDAP-compliant directories and custom SQL user repositories • Encrypted hard drive support • Supports multiple authentication methods • Email notifications of password resets to both admin and/or user • Lock-out thresholds • Mobile browser support
- 14. Challenge Questions & Answers Features: • Centralized – challenge information stored on server • Configurable number of mandatory/optional questions • Allows import/pre-population of challenge answers • Prevent repeat answers for multiple challenge questions • Prevent answers from containing words from the question text • Answers can be case sensitive • Configurable minimum length for challenge answers
- 15. Administrative Features: • Help Desk Console – provide interface for HD staff • Verbal Authentication – allows HD staff to authenticate a caller • Administrator Dashboard
- 16. Windows Desktop Support: • Supports Windows versions XP, Vista and Windows 7 • Self-service directly from Ctrl+Alt+Del Windows logon screen
- 17. • Increased Usability - users are now empowered to self-service their own needs and maintain productivity • Increased Security - provides two-factor authentication • Centralized Solution - same user interface for both the web and Windows desktop • No Kiosks - perform all self-service actions directly from the user’s machine • No Guest Accounts - all actions are performed from the user’s primary account • Reduced Costs – alleviate password-related Help Desk calls and demands on IT staff • Flexibility - configurable to the user, group or application levels • Seamless Integration - use “sidecar” mode to retrofit existing application login screens
- 18. HOW IT WORKS
- 19. PortalGuard provides flexibility… Allows you to configure whether the enrollment will be forced or able to be postponed “x” number of times by the user.
- 20. The Enrollment Process Step 1: The user attempts to login to a company’s portal as usual.
- 21. The Enrollment Process Step 2: In this case, the user has not yet enrolled their challenge information so PortalGuard automatically displays the enrollment screen in “sidecar” mode.
- 22. The Enrollment Process Step 3: The user is prompted to provide answers to the challenge questions.
- 23. The Enrollment Process Step 4: The process is complete and the user is now enrolled.
- 24. Step 1: The user attempts to login to a company’s existing portal but has forgotten their password. The user then clicks the “Forgot your password?” link.
- 25. Step 2: The user selects from the “Recovery Actions Available” which self- service action they would like to perform. The user selects the “Reset Forgotten Password” radio button and clicks “Continue”.
- 26. Step 3: The user is then prompted to provide their enrolled answers to the enrolled challenge questions. Once the user has supplied the answers they click “Continue”.
- 27. Step 4: The user’s identity has been verified and they are able to set a new password.
- 28. Configurable through the PortalGuard Configuration Utility: • Self-service options available to users • Authentication types available for each self- service action
- 29. Configurable through the PortalGuard Configuration Utility: • Enrollment - optional, required or disabled • Recovery lockout limit • Answer complexity • Number of optional questions • Number of mandatory questions
- 30. Configurable through the PortalGuard Configuration Utility: Mobile Phone: • Enrollment - optional, required or disabled • Phone number format • Delivery format
- 31. Configurable through the PortalGuard Configuration Utility: Email: • Enrollment - optional, required or disabled • Domain blacklist • Email display • Email format including From, Subject and Body fields
- 32. Configurable through the PortalGuard Configuration Utility: Notifications: • Type of self-service including account unlock, password reset and recovery
- 34. A MSI is used to install PortalGuard on IIS 6 or 7.x. This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only. • IBM WebSphere/WebSphere Portal v5.1 or higher • Microsoft IIS 6.0 or higher • Microsoft Windows SharePoint Services 3.0 or higher • Microsoft Office SharePoint Server 2007 or later • .NET 2.0 framework or later must be installed • (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64) • Microsoft Windows Server 2000 • Microsoft Windows Server 2003 (32 or 64-bit) • Microsoft Windows Server 2008 (32 or 64-bit) • Microsoft Windows Server 2008 R2
- 35. THANK YOU For more information visit PortalGuard.com or Contact Us