1.0 Overview

Self Service Password Reset (SSPR) is a Web based password management solution. You can deploy SSPR to any Web server or application server that supports a Web archive. It eliminates users’ dependency on administrators’ assistance for changing passwords. It brings higher returns by reducing the cost and workload of the help desk. It allows you to ensure that all passwords in the organization comply with the established policies.

It provides enhanced security. The user gets authenticated through a series of questions and answers known only to the user. During password reset, SSPR uses a challenge-response authentication method to authenticate the user. You can store the challenge-response information in the back-end directory, external database, or internal database. Users can change their password and reset any forgotten password by using the configured challenge-response information.

User productivity is increased through automatic synchronization of changed passwords, which eliminates the need for users to wait for password resets and account unlocks. At the same time, the helpdesk can perform more critical tasks rather than password resets.

SSPR provides the following functionality:

  • Change password: Users can change their password without an administrator’s assistance.

  • Reset forgotten password: Users can reset their password by answering challenge questions. You, as an administrator, can configure and store these questions by using SSPR. SSPR stores user responses in the standard RDBMS database, LDAP server, or Novell NMAS repositories based on the database configuration.

  • Recover forgotten username: Users can search for a forgotten username by using a configurable search filter and attributes.

  • Configure challenge-response authentication: You, as an administrator, can configure a set of questions for users. The questions include random and required questions. The system prompts users to specify answers for these questions the first time that they log in. Users reset their password by answering the same questions they saved earlier through SSPR.

  • New user self-registration: New users can self-register.

  • Activate user accounts: Users can activate a deactivated account and set a password for this account.

  • Activate Profile: Users can view and update their profile attributes.

  • Search People: Users can search for their colleagues’ information.

  • Simplify helpdesk support response: Helpdesk users can leverage the Helpdesk module to simplify the helpdesk tasks such as resetting passwords and unlocking user accounts.

  • Create password policies: You, as an administrator, can enforce restrictions on the types of passwords users can create.

  • Report on usage and lockouts: Self Service Password Reset can generate reports for intruder‐lockout, daily usage statistics, and online log information for debugging.

This chapter includes the following topics: