myPassword
Products  >  myPassword

Reset your Active Directory password – from your
desk, phone or tablet!






Why myPassword?
  • Meet complexity requirements and manage locked accounts.
  • Minimize user downtime and dramatically decrease Help Desk costs providing an immediate and measurable ROI to your organization.
  • Ensure your users adhere to password complexity policies with a real-time complexity compliance notification that indicates the strength of a new password as it’s created.
  • SMS verification as a second authentication factor.
 

Which version is right for you?
  Standard Enterprise
Password Policy Guardian
CAPTCHA Support
Customization Options
joBot Password Expiration Job
joBot Empty Attribute Job
Mobile Support
CAPTCHA Support
SMS Verification
Web Front End  
joBot Password Check Module – includes all reports  
joBot Account Check Module – includes all reports  
Features
  • Profile Validation
  • User Authentication with Intrusion Detection
  • Vouching
  • Enhanced User Access
  • Auditing and Notification
  • Password Policy Enforcement
  • Security and Compatibility Features
  • Reporting Console
  • SMS Verification
  • Customizable Interface

The ProfileValidator assures the rapid enrollment of myPassword by checking the user's PC at logon to determine if their password reset profile has been completed. If updates are needed, the ProfileValidator can be configured to either require or suggest that the user update their profile. If users are not required to provide updates immediately, they will be reminded on each logon until complete.

The ProfileValidator is an optional feature that addresses the number one obstacle to the successful deployment of any self-service password reset solution: getting your users to enroll. When used with myPassword, the ProfileValidator will run on each user's PC at logon, and can be configured to either require the user to complete their profile before they are allowed to continue, or simply suggest that the profile be updated. In this case, the user will be reminded on each logon until the updates have been completed.

The ProfileValidator is an invaluable tool that facilitates the rapid enrollment of myPassword. And once your users can securely reset their own passwords, the relief to your help desk staff is immediate – resulting in a measurable ROI!




Using the ProfileValidator with rDirectory

When used with rDirectory, the ProfileValidator can also enforce data integrity policies for virtually any information in the user’s Active Directory profile. rDirectory’s form generators and data validators allow you to apply different data integrity policies to different users or groups using rDirectory's powerful Roles feature. Learn more!

myPassword incorporates several methods for detecting, deterring and blocking potential malicious activity. myPassword’s User Authentication system includes:

  • Inactivity timeouts
  • Progressive challenge/response protocols
  • Customizable authentication failure policies that can be configured to trigger intrusion events.
When a potential intrusion is detected, myPassword will automatically take the necessary steps to prevent the intrusion attempt from succeeding, and immediately generate email alerts to notify appropriate security personnel of the attempted attack.


Progressive Challenge/Response

If the user has completed a password reset profile, they are required to answer each question correctly before viewing the next question. An excessive number of wrong responses will trigger an event that can block the user, account or IP address and send an email notice that a potential intrusion may be occurring.


Inactivity Timer

An inactivity timer provides additional security to myPassword. When used in a kiosk mode, the inactivity timer will assure that myPassword is returned to the opening screen when left unattended, ready for the next user. When used with the Restricted Access Account, the inactivity timer will logout the Restricted Access Account and return to the normal windows logon when the PC is left unattended.


Vouching is an optional feature in myPassword that allows a manager or other authorized individual to authenticate an account on behalf of another user who has forgotten the answers to their security questions or has yet to complete a password reset profile.

Leveraging customizable, relationship-based roles, you can set up rules where different users may be allowed different vouchers, and receive different messages to indicate who can vouch for them. Since rules can leverage customizable relationship-based roles, a voucher can also be based on relationships defined in the directory, such as Manager or another custom relationship that you create.

How Vouching Works

  1. Vouching feature must be enabled and at least one voucher rule set
  2. User logon attempt fails due to forgotten password or inaccurate responses to password reset profile questions
  3. Authorized voucher enters their credentials
  4. User can logon
  5. Optionally, email notification of the vouching event can be sent to a specified address

myPassword natively supports Vista, Windows 7, Windows 8 and also includes an optional GINA extension for 32- and 64-bit Windows XP based workstations, allowing administrators to seamlessly integrate myPassword functionality into the Windows logon screen.

myPassword also features an extensive list of alternative methods to access its powerful self-service password reset capabilities, including:

  • Both GINA-free and GINA-enabled access
  • Credential Provider support
  • Outlook Web Access (OWA)
  • Direct Client Access
  • Portal or web page embedding

GINA-Enabled or GINA-Free

Users can access myPassword directly from their Windows Logon Form using either a GINA-Enabled or a GINA-Free access method. The myPassword GINA.DLL can modify the users Windows Logon Form, providing the user with a convenient link to myPassword.

myPassword also provides a convenient GINA-Free method to access myPassword directly from the Windows Logon Form using a Restricted Access Account that takes the user directly to the myPassword site, but does not allow them to access any files or other resources on the PC.




Credential Provider Support

The myPassword Credential Provider is a registry entry that modifies the standard Windows Logon screen by adding a tile that links the user to the myPassword website.

The myPasswordFilter Credential Provider is a registry entry that modifies the standard Windows Logon screen by adding a link that sends the user to the myPassword website.




Outlook Web Access Logon Form

Using the ReturnURL Access Mode of myPassword, a link to myPassword can be added directly to the Outlook Web Access Logon Form. This provides remote users with the same easy access to myPassword that employees using the Windows Logon Form enjoy. Remote users can then fill in their Question and Answer Password Reset Profile online, and when they forget their password, they will have convenient, remote access to reset the password themselves.




Customize myPassword

myPassword can easily be customized using your company graphics in order to comply with corporate standards and branding.


Each time a password modification occurs, myPassword automatically records the change in the Windows event log. You can optionally configure myPassword to generate email notifications of the change and send the notification to the user or to their manager for additional security. A special email notification occurs when a potential intruder is detected.

The following password modifications will trigger an event:

  • Password reset
  • Password change
  • Password reset profile change
  • Password reset using vouching (optional)


The following change information is recorded:

  • Who made the change
  • What was changed
  • When the change occured


Audit Event Log - Change



Email Notification - Change



Audit Event Log – Intrusion Detection



Email Notification – Intrusion Detection



Password Reset Profile Rules

With rule-based password reset profile generation, an administrator can ensure that highly secure or sensitive accounts are forced to adhere to a stringent password reset policy, while still allowing simpler Password Reset Profiles for those with limited access.




Password Generator

The optional myPassword generator ensures that password complexity and history requirements are met every time an account password is modified. The password generation feature uses a customizable dictionary of words that will be appended with numbers, and additional words and numbers as necessary, until the minimum password length is obtained. When used with the Force Password Change on next Logon feature, the generated password becomes a one-time-use password that can be as complex as you desire.

 

Client-Side Encryption and SSL Support

Client-side encryption, enabled by default in both myPassword and rDirectory, prevents sensitive information such as passwords and password profile responses from being sent over the wire in clear text. If even greater security is required, SSL can be enabled to encrypt the entire session.

Cross-browser support myPassword now supports any of the browsers listed below so end-users have more options for accessing myPassword’s features from any computer in the enterprise.

  • Microsoft Internet Explorer 7.0 or later
  • Safari 5.0.3 or later
  • Mozilla Firefox 3.6.3 or later
  • Chrome 8.0 or later
  • Opera 10.62 or later


Integration with Namescape rDirectory

myPassword can be licensed as a stand-alone product, or in combination with Namescape’s rDirectory, to form a complete enterprise-class password and account provisioning solution that allows administrators to not only enforce password reset profile policies, but also guarantee that new passwords are issued only to authenticated users.


Language Support

myPassword now ships with German, Spanish and French already translated for you. All you need to do is change your browser setting to one of these languages. myPassword can also be customized for additional languages.

myPassword and rDirectory include a Report Console that allows you to search for specific user activity, view activity summaries, and generate and export activity reports in various formats. The report console may be accessed by granting the report access role in the Namescape Designer, and then selecting the Report Console button in the upper right corner of the rDirectory client.




SMS Verification allows you to set up a secondary authentication method for resetting passwords. When SMS is configured, a verification code will be generated and sent to the user’s configured mobile number. The user will then be prompted to enter that code into the myPassword client in order to proceed.


myPassword now supports custom landing pages in addition to the existing themes.


 
How much are you spending on Password reset calls?
Number of End Users:
Help Desk Calls per user, per year X Based on META Group's average of 1.75 calls per user, per month
Total Number of Help Calls =
Percentage of calls requiring password resets X Based on META Group's average of 1.75 calls per user, per month. Gartner Group reports that password resets make up approximately 30% of total call volume
Password Calls per year =
Average cost per call X META Group reports an average cost of $25/call
Total Cost Per Year =
What Our Customers Say
  • "I found the software easy to install and implement. I like the fact that users are able to reset their passwords from the logon screen; obviously it is one of the most necessary features. Also, I like that users are forced to fill out their profile and answer their question if they haven’t."

    Network Architect, Public School District 85 Schools 30,000+ students
  • "We had 24% of our employees enroll in the first 2 weeks, after 3 months we are around 30%. It was very well received, and is used every day. In the past 2 weeks alone we have about 200 users change/reset their password using myPassword."

    Director of Technology Healthcare IT Solutions Provider
  • "The self-service password reset solution, myPassword, has cut our Help Desk calls by 50%, which increased overall productivity; both at the Help Desk and on the end-user side. Thank you Namescape"!

    Rob Hough, Dir. of Technology Srvs.Public School District
  • "myPassword has cut our Help Desk calls by 50%, which increased overall productivity, both at the Help Desk and on the end-user side. Thank you Namescape"!

    Director of TechnologyPublic School District
Featured Case Study



Learn how myPassword helps Sykes manage
thousands of user passwords and password complexity requirements.