Self Service Password Reset | myPassword Features

myPassword is a simple yet powerful, self-service password reset solution that enables users to reset forgotten passwords and unlock their accounts - dramatically reducing user downtime. myPassword's secure, web-based interface allows IT to implement stronger password controls and policies and reduce Help Desk calls while providing an immediate, measureable ROI.

 Access via Windows Logon  and  Enhanced User Access
myPassword has an optional GINA.DLL that modifies the user's Windows logon screen on 32bit and 64bit Windows XP.  myPassword supports logon for Vista and Windows 7 and gives you

Easy Access from Anywhere

You can access myPassword's self service password reset capabilities in the following ways:

1. Gina Free (no Gina)
2. Gina Enabled
3. Vista Credential Provider
4. Remote Access
5. Outlook Web Access
6. Direct Access
7. Portal or Web Page Access
8. Customization using your Company logo to ensure a sense of security

There is also a GINA-free Windows Logon message capability that can add a configurable message to the Windows Password Logon screen.

Integration
myPassword can be licensed and used without rDirectory.

When combined with rDirectory the natural synergy of these two products form an even more powerful self service password reset solution. Combining rDirectory with myPassword® solves two of the most common problems in self-service password management:

1. Getting users to fill out their Windows Password Reset Profile.  Suggesting or forcing compliance helps eliminate unnecessary calls to the IT Help Desk, thus saving money, time and resources. With rDirectory you can force users to fill out their Windows Password Reset Profile (or any other attribute) when they first access the system.
   
    
2. Securing the issuance of new passwords by the help desk. It is crucial for your Help Desk to have a secure way of authenticating callers.  Simply taking a callers word for identification can have a devastating business impact. 

The Smart Profile Validator
myPassword can give your Help Desk the ability to verify the users identity via a secure Q&A profile before their password is reset, effectively eliminating security breaches. 

With rDirectory, the help desk staff can use the same Windows Password Reset Profile to assure the callers identity, and audit logs and email notifications record the help desk operator and the account reset for regulatory compliance.

The Smart Profile Validator enforces or suggests compliance, recognizes users on shared PCs, minimizes logon delays and verifies connectivity for remote users.

Hacker Detection
myPassword® integrates several means of deterring, detecting, and blocking access to hackers who may attempt to use myPasswordto gain access to an account. Access to myPasswordcan be restricted, and excessive failures of either answering questions or authenticating (used in Profile Edit, Password Change, or Vouching) can trigger a hacker detection event. Questions are also presented one at a time for additional security. A hacker detection event can block the hackers IP, or the account attacked, and/or send email alerts to immediately notify security personnel of a potential attack.

Password Reset Profile Rules
Not all users are the same, and with myPasswordyou can set up rules so different profile policies, which determine the questions and requirements for creating a Password Reset Profile, are applied to different users. This allows you to require more stringent Password Reset Profiles for those more sensitive accounts, and allow simpler self-service password reset Reset Profiles for those with limited access.

Voucher Rules
Vouching is an optional feature that can allow someone who has not filled in their Password Reset Profile, or has forgotten their answers, to get another authorized user to vouch for them so they can reset their account. With myPassword you can setup rules where different users may be allowed different vouchers, and receive different messages to indicate who can vouch for them. Since rules can leverage customizable Relationship-Based Roles, a voucher can also be based on relationships defined in the directory, such as Manager or another custom relationship that you create.

Restricted Access Account
For users who have forgotten their Windows password or have been locked out, myPassword provides for the Restricted Access Account method of accessing myPassword. The Restricted Access Account method is a new best practice recommended by Microsoft, and has significant advantages over the older GINA.DLL method used by many products. With a Restricted Access Account, users can logon with this well known account, yet be securely limited to only access the myPassword site. The key advantage of this method, is that it is centrally managed and does not require replacing the GINA.DLL on all machines. Not only is this a snap to deploy, it is simpler for roving and mobile users, and precludes the GINA.DLL conflicts that can occur with other authorization extensions such as biometrics or network drivers.

Client-Side Encryption
Client-Side Encryption, which is enabled by default, is available in both myPassword® and rDirectory to preclude sensitive information, such as Windows passwords and answers in Password Reset Profiles, from being sent across the wire in clear text. Using client-side encryption precludes the need to setup SSL encryption, which can be expensive, complex, and slow overall performance.

Client-side encryption uses the same public-private key RSA encryption as SSL, however it uses a smaller 256 bit key rather than a stronger SSL key, and only encrypts sensitive fields rather than the whole page. If SSL is used, client-side encryption can be disabled.

Password Generator
An optional Password Generator can be used for all new Windows passwords. The Windows password generation features use a customizable dictionary of words that will be appended with numbers, and additional words and numbers as necessary, until the minimum password length is obtained. When used with the 'Force Password Change on next Logon' feature, the generated Windows password becomes a one-time-use password that can be as complex as you desire.

Inactivity Timer
 

An inactivity timer provides additional security to myPassword. When used in a kiosk mode, the inactivity timer will assure that myPassword is returned to the opening screen, ready for the next user, when left unattended. When used with the Restricted Access Account, the inactivity timer will logout the Restricted Access Account and return to the normal Windows password logon when the PC is left unattended.

Audit Logging / Email Notification
myPassword records the 'who, what, when, and where' of all changes made in the servers event logs, and also can optionally send email notifications to the account changed, or their manager for additional security. A special email notification occurs when a potential hacker is detected.

Cross-Browser Support
End-users can use Internet Explorer, Safari, or FireFox to access myPasswordto reset their Windows password, accounts, create Password Reset Profiles, or change their passwords.
 

Contact Namescape for myPassword and self-service password software including rDirectory, myPassword, mPowertools, joBot and more.

myPassword Demo


Webinar:
IT Security Breaches
Damage is Still Rising

Evaluate myPassword Features
Technology
ROI Calculator
View Datasheet

Features

USER EASE & FORCED
COMPLIANCE A PLUS

"I found the software easy to install and implement. I like the fact that users are able to reset their passwords from the logon screen; obviously it is one of the most necessary features. Also, I like that users are forced to fill out their profile and answer their question if they haven't."

Robert, Network Architect
Public School District
85 Schools
30,000+ students,
5,000 teachers & staff

WELL RECEIVED AND UTILIZED

"We had 24% of our employees enroll in the first 2 weeks, after 3 months we are around 30%. It was very well received, and is used every day. In the past 2 weeks alone we have about 200 users change/reset their password using myPassword."