Pricing  Get Quote
 
 

Password recovery

Active Directory password recovery: An exercise in futility

Forgotten passwords are an unfortunate fact of life, but password reset tickets aren't. While it's impossible to recover forgotten or expired Active Directory (AD) passwords, they can be securely reset without requiring help desk assistance. Empower your users to reset their own passwords with ADSelfService Plus.

ADSelfService Plus is here for you

ADSelfService Plus' self-service features allow end users to securely reset their forgotten passwords, unlock their accounts, and update their profile information in AD—all without help desk intervention. Users can reset their passwords from the login screens of their Windows, macOS, and Linux machines; a web browser; or their mobile devices (using the ADSelfService Plus app). As soon as you deploy ADSelfService Plus, all users have to do is access the self-service portal, verify their identity, and configure their AD password to gain access to the system.

Keep hackers at bay

ADSelfService Plus supports multi-factor authentication to secure password self-service activities. Users can only reset their passwords or unlock their accounts after confirming their identities through any of the solution’s 15 authentication methods:

Enforce stronger passwords

reset password

While self-service password resets are a boon to any organization, you do not want users to endanger their accounts by resetting their passwords to weaker ones that easily lead to data breaches. ADSelfService Plus' Password Policy Enforcer allows you to create rules to ensure password complexity. With these rules, you can mandate the inclusion of multiple character types in passwords, restrict the use of dictionary words and phrases, restrict end users from using certain characters from old passwords and usernames, and more. By integrating ADSelfService Plus with the Have I Been Pwned? service, you can also restrict end users from using passwords that have already been exposed.

Choose who can reset their passwords and how

reset password permission

Using self-service policies, you can selectively grant users the ability to reset their passwords and perform other self-service actions. Self-service policies allow you to enable the self-service password reset capability for users belonging to specific AD domains, OUs, and groups. You can enable specific authentication methods for a group of users. You can also choose to allow a set of users to reset their passwords from one access point, like their logon screens, and provide other users with the self-service capability from another platform, like their mobile devices.

Make expired passwords a thing of the past

password expiry notification

Eliminate expired passwords with ADSelfService Plus' password and account expiration notifications. ADSelfService Plus will automatically search your organization's AD for users whose passwords are about to expire, then send them phased reminders in the form of email, SMS, or push notifications to change their passwords. Users can change their soon-to-expire passwords via ADSelfService Plus' web portal and mobile app.

Automate password resets

automate password reset

Typically, some users will fail to change their passwords on time, despite receiving multiple notifications, and ultimately find themselves locked out of their own systems. Save your help desk the time and frustration with ADSelfService Plus' automatic password reset/unlock account feature. It resets any expired passwords to a default value set by the administrator and automatically unlocks any locked accounts.

Stay updated on users' actions

self update notification

Receive email notifications whenever users perform password resets or any other self-service action. ADSelfService Plus also offers real-time audit reports that document everything, from the time of the password reset to the IP address on which it was performed. You can also create an approval workflow where users have to raise a request with the help desk and get it approved in order to perform a password reset.

Highlights of the solution

  • 1. Password self-service

    Empower end users to reset their domain passwords in AD or unlock their AD accounts without administrator or IT help desk intervention. Learn about Password self-service.

  • 2. Real-time password synchronizer

    Synchronize all AD password resets and changes with a range of SaaS and on-premises applications in real time. Learn about Real-time password synchronizer

  • 3. Password expiration notification

    Notify users of their impending password expiration via SMS, email, and push notifications. This feature is also available as a free tool for unlimited users. Learn about Password expiration notification.

  • 4. Password policy enforcer

    Implement a secure, simple password policy by letting administrators set preconfigured or custom password policies. Learn about Password policy enforcer.

  • 5. Mobile applications

    Enable users to access their Windows accounts from anywhere with ADSelfService Plus' Android and iOS mobile applications. Learn about Mobile applications.

  • 6. Cached credentials update

    Automatically update cached domain credentials on users' machines when they reset their passwords. That way, users can access their Windows machines even when they're not connected to the corporate network. Learn more Cached credentials update.

  • 7. Directory self-update

    Keep your corporate white pages up-to-date by allowing users to update their own information in AD. Learn more Directory self-update.

Benefits:

  1. Reduced workload for the help desk: The password reset tickets to the help desk are minimized and the help desk focuses on other crucial tickets at hand.
  2. Improved end-user productivity: The self-service password reset portal lets users regain access to their AD account in mere minutes.
  3. Reduced cost to the organization: With 30% of help desk requests for forgotten passwords, letting users reset their password minimizes the resources spent on them.

SSPR from laptop logon screens, mobile devices, and web-browsers.

Get Your Free Trial  

ADSelfService Plus trusted by