self-service password reset
DESCRIPTION
Self-service functionality can assist with password resets, recoveries and account unlocks. By using multiple security questions and answers functionality PortalGuard is able to perform all resets directly from the end-user's machine if desired. This also includes Offline Mode, which allows the forgotten password to be shown to roaming users in clear text when they are offline, so as to continue work without returning to the office.Tutorial: http://pg.portalguard.com/self-service_password_reset_tutorialTRANSCRIPT
Centralized Self-service Password Reset:
Highlighting the Self-service Password Reset Layer of the PortalGuard Platform
From the Web and Windows Desktop
Understanding PortalGuard’s
• Define PortalGuard
• Understand the challenges to finding the right self-service tool
• Discover PortalGuard’s Centralized Self-service Password Reset
• See the Step-by-step Authentication Process
• Know the Technical Requirements
By the end of this tutorial you will be able to…
The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a
balance between security, auditing and compliance for your web, desktop and mobile applications.
• Single Sign-on
• Password Management
• Password Synchronization
• Self-service Password Reset
• Knowledge-based
• Two-factor Authentication
• Contextual Authentication
• Real-time Reports/Alerts
Usability Security
Before going into the details…
• Exact same user interface for both the Web and Windows Desktop
• Support roaming - challenge questions stored in central server location
• Use two-factor authentication to further verify user’s identity
• Password reset from an iPad or mobile phone
• Support disconnected/offline users - using password recovery
• PortalGuard supports any LDAP compliant directory
• Encrypted drives are supported
• Tiny footprint on the Windows desktop
• Verbal Authentication to prove caller’s identity
• Side-car mode - add self-service functionality to existing login screens
Supporting users can prove taxing…
Shopping for the right tool can be challenging…
What are your budget and Help Desk costs?
Are the vendors I’m looking at offering up-to-date features?
What are your requirements?
• Disconnected/Offline user support • Auditing • Mobile phone support
Self-service password reset is…
The process that a user initiates to prove their identity with the end goal of resetting their password.
Self-service password recovery is…
The process that a user initiates to prove their identity with the end goal of obtaining the current password value without changing it.
OTP +
PortalGuard’s SSPR…
Is flexible and offers a complete solution which has evolved with industry demands.
PortalGuard’s SSPR…
Is flexible and offers a complete solution which has evolved with industry demands.
• Password Reset • Password Recovery • Account Unlock
PortalGuard’s SSPR…
Is flexible and offers a complete solution which has evolved with industry demands.
Disconnected/Offline Password Recovery
PortalGuard’s SSPR…
Is flexible and offers a complete solution which has evolved with industry demands.
OTP
FEATURES
• Provides password reset, recovery and account unlock • Disconnected/Offline user support • Forced user enrollment (optional) • Integrates with AD, Novell eDirectory or any LDAP-compliant
directories and custom SQL user repositories • Encrypted hard drive support • Supports multiple authentication methods • Email notifications of password resets to both admin and/or user • Lock-out thresholds • Mobile browser support
General Features:
• Centralized – challenge information stored on server • Configurable number of mandatory/optional questions • Allows import/pre-population of challenge answers • Prevent repeat answers for multiple challenge questions • Prevent answers from containing words from the question text • Answers can be case sensitive • Configurable minimum length for challenge answers
Challenge Questions & Answers Features:
• Help Desk Console – provide interface for HD staff • Verbal Authentication – allows HD staff to authenticate a caller • Administrator Dashboard
Administrative Features:
• Supports Windows versions XP, Vista and Windows 7 • Self-service directly from Ctrl+Alt+Del Windows logon screen
Windows Desktop Support:
• Increased Usability - users are now empowered to self-service their own needs and maintain productivity
• Increased Security - provides two-factor authentication • Centralized Solution - same user interface for both the web and
Windows desktop • No Kiosks - perform all self-service actions directly from the
user’s machine • No Guest Accounts - all actions are performed from the user’s
primary account • Reduced Costs – alleviate password-related Help Desk calls and
demands on IT staff • Flexibility - configurable to the user, group or application levels • Seamless Integration - use “sidecar” mode to retrofit existing
application login screens
HOW IT WORKS
PortalGuard provides flexibility…
Allows you to configure whether the enrollment will be forced or able to be postponed “x” number of times by the user.
The Enrollment Process
Step 1: The user attempts to login to a company’s portal as usual.
The Enrollment Process
Step 2: In this case, the user has not yet enrolled their challenge information so PortalGuard automatically displays the enrollment screen in “sidecar” mode.
The Enrollment Process Step 3: The user is prompted to provide answers to the challenge questions.
The Enrollment Process
Step 4: The process is complete and the user is now enrolled.
The user attempts to login to a company’s existing portal but has forgotten their password. The user then clicks the “Forgot your password?” link.
Step 1:
Step 2:
The user selects from the “Recovery Actions Available” which self-service action they would like to perform. The user selects the “Reset Forgotten Password” radio button and clicks “Continue”.
Step 3:
The user is then prompted to provide their enrolled answers to the enrolled challenge questions. Once the user has supplied the answers they click “Continue”.
The user’s identity has been verified and they are able to set a new password.
Step 4:
Configurable through the PortalGuard Configuration Utility:
• Self-service options available to users
• Authentication types
available for each self-service action
• Enrollment - optional, required or disabled
• Recovery lockout limit • Answer complexity • Number of optional
questions • Number of mandatory
questions
Configurable through the PortalGuard Configuration Utility:
Configurable through the PortalGuard Configuration Utility:
Mobile Phone:
• Enrollment - optional, required or disabled
• Phone number format
• Delivery format
Configurable through the PortalGuard Configuration Utility:
Email:
• Enrollment - optional, required or disabled
• Domain blacklist
• Email display
• Email format including
From, Subject and Body fields
Configurable through the PortalGuard Configuration Utility:
Notifications:
• Type of self-service including account unlock, password reset and recovery
TECHNICAL REQUIREMENTS
A MSI is used to install PortalGuard on IIS 6 or 7.x.
This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only.
• IBM WebSphere/WebSphere Portal v5.1 or higher • Microsoft IIS 6.0 or higher • Microsoft Windows SharePoint Services 3.0 or higher • Microsoft Office SharePoint Server 2007 or later
• .NET 2.0 framework or later must be installed • (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64) • Microsoft Windows Server 2000 • Microsoft Windows Server 2003 (32 or 64-bit) • Microsoft Windows Server 2008 (32 or 64-bit) • Microsoft Windows Server 2008 R2
THANK YOU For more information visit PortalGuard.com or Contact Us