Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Self-service Password Reset


Published on

Self-service functionality can assist with password resets, recoveries and account unlocks. By using multiple security questions and answers functionality PortalGuard is able to perform all resets directly from the end-user's machine if desired. This also includes Offline Mode, which allows the forgotten password to be shown to roaming users in clear text when they are offline, so as to continue work without returning to the office.


Published in: Technology
  • Be the first to comment

  • Be the first to like this

Self-service Password Reset

  1. 1. Understanding PortalGuard’sCentralized Self-service Password Reset: From the Web and Windows Desktop Highlighting the Self-service Password Reset Layer of the PortalGuard Platform
  2. 2. By the end of this tutorial you will be able to… • Define PortalGuard • Understand the challenges to finding the right self-service tool • Discover PortalGuard’s Centralized Self-service Password Reset • See the Step-by-step Authentication Process • Know the Technical Requirements
  3. 3. The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications. Usability Security • Single Sign-on • Knowledge-based • Password Management • Two-factor Authentication • Password Synchronization • Contextual Authentication • Self-service Password Reset • Real-time Reports/Alerts
  4. 4. Before going into the details…• Exact same user interface for both the Web and Windows Desktop• Support roaming - challenge questions stored in central server location• Password reset from an iPad or mobile phone• Use two-factor authentication to further verify user’s identity• Support disconnected/offline users - using password recovery• PortalGuard supports any LDAP compliant directory• Encrypted drives are supported• Tiny footprint on the Windows desktop• Side-car mode - add self-service functionality to existing login screens• Verbal Authentication to prove caller’s identity
  5. 5. Supporting users can prove taxing…
  6. 6. Shopping for the right tool can be challenging…What are your requirements? What are your budget and Help Desk costs? Are the vendors I’m looking at offering up-to-date features? • Disconnected/Offline user support • Auditing • Mobile phone support
  7. 7. Self-service password reset is…The process that a user initiates to prove their identity withthe end goal of resetting their password.Self-service password recovery is…The process that a user initiates to prove their identity withthe end goal of obtaining the current password valuewithout changing it. + OTP
  8. 8. PortalGuard’s SSPR…Is flexible and offers a complete solution which has evolvedwith industry demands.
  9. 9. PortalGuard’s SSPR…Is flexible and offers a complete solution which has evolvedwith industry demands.• Password Reset• Password Recovery• Account Unlock
  10. 10. PortalGuard’s SSPR…Is flexible and offers a complete solution which has evolvedwith industry demands.Disconnected/Offline Password Recovery
  11. 11. PortalGuard’s SSPR…Is flexible and offers a complete solution which has evolvedwith industry demands. OTP
  12. 12. FEATURES
  13. 13. General Features:• Provides password reset, recovery and account unlock• Disconnected/Offline user support• Forced user enrollment (optional)• Integrates with AD, Novell eDirectory or any LDAP-compliant directories and custom SQL user repositories• Encrypted hard drive support• Supports multiple authentication methods• Email notifications of password resets to both admin and/or user• Lock-out thresholds• Mobile browser support
  14. 14. Challenge Questions & Answers Features:• Centralized – challenge information stored on server• Configurable number of mandatory/optional questions• Allows import/pre-population of challenge answers• Prevent repeat answers for multiple challenge questions• Prevent answers from containing words from the question text• Answers can be case sensitive• Configurable minimum length for challenge answers
  15. 15. Administrative Features:• Help Desk Console – provide interface for HD staff• Verbal Authentication – allows HD staff to authenticate a caller• Administrator Dashboard
  16. 16. Windows Desktop Support: • Supports Windows versions XP, Vista and Windows 7 • Self-service directly from Ctrl+Alt+Del Windows logon screen
  17. 17. • Increased Usability - users are now empowered to self-service their own needs and maintain productivity• Increased Security - provides two-factor authentication• Centralized Solution - same user interface for both the web and Windows desktop• No Kiosks - perform all self-service actions directly from the user’s machine• No Guest Accounts - all actions are performed from the user’s primary account• Reduced Costs – alleviate password-related Help Desk calls and demands on IT staff• Flexibility - configurable to the user, group or application levels• Seamless Integration - use “sidecar” mode to retrofit existing application login screens
  18. 18. HOW IT WORKS
  19. 19. PortalGuard provides flexibility…Allows you to configure whether the enrollment will be forced or able tobe postponed “x” number of times by the user.
  20. 20. The Enrollment ProcessStep 1: The user attempts to login to a company’s portal as usual.
  21. 21. The Enrollment ProcessStep 2: In this case, the user has not yet enrolled their challengeinformation so PortalGuard automatically displays the enrollment screenin “sidecar” mode.
  22. 22. The Enrollment ProcessStep 3: The user is prompted to provide answers to the challengequestions.
  23. 23. The Enrollment ProcessStep 4: The process is complete and the user is now enrolled.
  24. 24. Step 1:The user attempts to login to a company’s existing portal but hasforgotten their password. The user then clicks the “Forgot yourpassword?” link.
  25. 25. Step 2:The user selects from the “Recovery Actions Available” which self-service action they would like to perform. The user selects the “ResetForgotten Password” radio button and clicks “Continue”.
  26. 26. Step 3:The user is then prompted to provide their enrolled answers to theenrolled challenge questions. Once the user has supplied the answersthey click “Continue”.
  27. 27. Step 4:The user’s identity has been verified and they are able to set a newpassword.
  28. 28. Configurable through the PortalGuard Configuration Utility:• Self-service options available to users• Authentication types available for each self- service action
  29. 29. Configurable through the PortalGuard Configuration Utility:• Enrollment - optional, required or disabled• Recovery lockout limit• Answer complexity• Number of optional questions• Number of mandatory questions
  30. 30. Configurable through the PortalGuard Configuration Utility:Mobile Phone:• Enrollment - optional, required or disabled• Phone number format• Delivery format
  31. 31. Configurable through the PortalGuard Configuration Utility:Email:• Enrollment - optional, required or disabled• Domain blacklist• Email display• Email format including From, Subject and Body fields
  32. 32. Configurable through the PortalGuard Configuration Utility:Notifications:• Type of self-service including account unlock, password reset and recovery
  34. 34. A MSI is used to install PortalGuard on IIS 6 or 7.x.This version of PortalGuard supports direct access and authenticationto cloud/browser-based applications, only.• IBM WebSphere/WebSphere Portal v5.1 or higher• Microsoft IIS 6.0 or higher• Microsoft Windows SharePoint Services 3.0 or higher• Microsoft Office SharePoint Server 2007 or later• .NET 2.0 framework or later must be installed• (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64)• Microsoft Windows Server 2000• Microsoft Windows Server 2003 (32 or 64-bit)• Microsoft Windows Server 2008 (32 or 64-bit)• Microsoft Windows Server 2008 R2
  35. 35. THANK YOUFor more information visit or Contact Us