www.tools4ever.com

TOOLS4EVERIDENTITY GOVERNANCE & ADMINISTRATION

self service reset password manager (ssrpm)

TECHNICAL LEAFLET

componentsu A central Windows service handles the SSRPM settings (challenge questions, security settings etc.) and retrieves the encrypted answers, to the

questions users had previously defined. The central service verifies whether the answers entered are correct and handles the unlocking of accounts and password reset operations.

u The “Forgot My Password” button, located on the login screen of each PC and on a website deployed in your environment. Through this interface, a request to unlock an account or reset a password can be sent to the central service.

u A management console that allows systems administrators to implement, set up, and manage the password policies and generate reports on usage.

ssrpm modulesu Base Module - The Base SSRPM module contains the basic

functionality required to give end users the ability to self-manage their password resets and change their Active Directory passwords without the intervention of the helpdesk. If a user has forgotten their password, they can launch SSRPM by simply clicking on the “Forgot My Password” button. After correctly answering a number of challenge questions, the user can set a new password on their own.

u Web Module - The integrated Web Module provides SSRPM accessibility outside the corporate network, enabling users to reset their passwords any time, anywhere from whatever device they have available including devices such as smartphones and tablets. The Web Module expands connectivity by integrating seamlessly with Microsoft Outlook Web Access (OWA) and Forefront Threat Management Gateway (TMG).

u Two Factor Authentication Module – This module enables two-factor authentication that – when used in conjunction with the SSRPM basic password reset functionality, provides a second level of security via a PIN code. When users want to reset their password using SSRPM, the application sends a text message or e-mail containing a PIN code to the user’s mobile device or alternative e-mail. After the user has entered the correct PIN code, they can reset their password.

u Helpdesk Caller ID Verification Module - This module provides organizations with a means to confirm a caller’s identity over the phone. When end users are registered into the SSRPM system, they setup a series of challenge questions and answers, e.g., “In which city was your first employer?” Should an end user require telephone support for an issue, the module enables Helpdesk staff to simply request random characters from the answers to the security questions previously provided bu the caller as a means of verifica-tion. After entering the correct characters, the caller's identification is verified and the helpdesk staff can process the request further.

u Self Service Module - This component allows end users the ability to update specific attributes in Active Directory on their own. System administrators define which attributes they want to allow end users to update. After providing the credentials, end users can update fields such as moile phone number, address or any other AD attribute. These new values are then directly populated into Active Directory.

u Auto Enroll Module - This module allows data to be collected from a HR or SIS applictaion and used to prepopulate answers in the SSRPM database, thus eliminating the need for employees to complete the enrollment process. Data such as last 4 digits of an employee ID, zip code, date of birth, etc. can be set as the answers to challenge questions ensureing the product is available for everyone’s use immediately. A scheduled process ensures the information is always up to date.

self service reset password management (ssrpm) enables end users to reset their own passwords by

answering several predefined challenge questions. with its simple and straight forward implementation

process, the ssrpm solution is fully operational in less than two hours.

TOOLS4EVERIDENTITY GOVERNANCE & ADMINISTRATION

TECHNICAL LEAFLET

technical featuresInstallation• A simple, straightforward implementation process enables the

SSRPM solution to be fully operational in less than two hours.• End users are provided with easy-to-follow instructions via a

wizard-based enrollment process.

Configuration• Policies can be set per domain, OU or group. • Customization options are available for the Admin Console GUI,

website and reporting.• Password complexity and history requirements are enforced

according to the AD policies.• A comprehensive range of paramaters are available for setting

question and answer policies, language, answer complexity, etc.

Security• Answers provided by end users are encrypted and securely stored in

the SSRPM database.• Security levels can be set and adjusted based on organizational

needs.• Supports two-factor authentication via a PIN code sent by e-mail

and/or SMS message.

Reporting• Detailed reporting capabilities

o Enrollment statuso Completed/failed password resetso Incorrect answer tracking by user o Blocked user access attempts

These reports can be generated and made available on the Intranet or e-mailed to system administrators. There is also the ability to generate e-mail notifications to managers in case of a particular event type, e.g. when a blocked user attempts to access the system.

General• Multi-platform support provides the ability to synchronize password reset to virtually any application or system.• Secure delegation of a select number of SSRPM system administration tasks to a helpdesk agent, e.g. to enforce the re-enrollment of an end user or unblock an account.• Remote accessibility from any device includinglaptops, desktops and iOS or Android devices.

system requirementsHardware:• Intel I3 processor or higher• 4 GB of RAM or greater• 40GB harddrive or greater• Virtual machine environment fully supported• IIS required for web interface utilization

Software:• Client side o Windows XP or later o Citrix and Microsoft Terminal Services fully supported o All major web browsers are fully supported• Server side o Windows Server 2008 or later o 32 and 64 bit supportDatabases: • MS Access (included with SSRPM)• MS SQL 2008 or higher (required for replication)• SQL Express supported

contact tools4ever today to learn more about how ssrpm can help simplify and streamline your password management workflows.

east - call: 866-482-4414 or email us at: nasales@tools4ever.comwest - call: 888-770-4242 or email us at: nwsales@tools4ever.com