Utilizing a username and password to log on to applications and systems is the most common method of authentication in place today. In order to make user access a bit more secure, many organizations utilize complex passwords and also impose a maximum usage period before a password must be changed.
With the introduction of complex passwords requirements – given the requirements of symbols and digits –it is often difficult for employees to remember their Active Directory password, especially after a vacation or significant time away from the office. Forgotten passwords and the need to involve the help desk for resets, leads to a significant increase in the amount of time IT resources are needed to focus on repetitive tasks and are unable to concentrate larger technology projects.
According to a study by the META Group for PricewaterhouseCoopers, more than 25 per cent of the calls to a help desk are password related. With average call to the help desk in the $25-40 range, the cost and time associated with this issue is sizeable. At the same moment, the employee loses valuable work time they are locked out of the network temporarily and unable to work. Commercially available solutions are viable alternative to significantly reduce this call load and put the function back in the hands of the end users.
Most of the commercially available applications for allowing password self-service rely on a series of challenge questions – a user enrolls by providing answers to– and the uses those answers to verify their identity when performing a reset. A growing trend is also provide a second factor of authentication (2FA). This can be a onetime use pin code delivered via SMS or an alternate email address.
One side benefits to utilizing this model is that it becomes extremely easy to expose these questions to the helpdesk team. When an employee calls the helpdesk for access to a new application, additional access rights or anything else technology related, the caller can be asked to “prove” their identity by answering the challenge questions or just providing certain characters of the answers.
Another benefit of these applications is the ability to allow end users to reset their password 24/7, even if the help desk only operates Monday to Friday, 9-5. Web interfaces can be utilized to allow end users to reset their network password from home computers or even smart phones. That way if they want to get some work done after hours but have forgotten their password, they can reset it and move on without delay.