ManageEngine ADSelfService Plus vs Hitachi ID Password Manager
The prime objective of Self-Service Password Reset software is to allow end-users who have forgotten their passwords or have been locked-out of their accounts, to securely reset their passwords and unlock their accounts without helpdesk intervention. This eliminates password related calls to the helpdesk, improves employee productivity, and helps your business save on cost.
ManageEngine ADSelfService Plus and Hitachi ID Password Manager are two different software products that serve this purpose. The following comparison juxtaposes the features of these two solutions to help you make an informed decision on which software best fits your business needs.
Key differentiators that set ADSelfService Plus apart from competition like Hitachi ID Password Manager:
| Mobile Apps: | Native Mobile Apps for Android & iPhone for password self-service 'on the go'. |
| Complementary Self-Service Features: | Directory Self-update, Mail Group Subscription, and Employee Search to further boost the self-service capabilities of users. |
| Mac OS X Support: | Log in agent for Mac OS X allows users to reset their password and unlock their account from the log in screen of their Mac machines. |
| Automatic Enrollment: | Enroll users without their intervention by importing enrollment data like challenge questions and answers, mobile numbers, email ID, etc., from a CSV file or establish a connection with your in-house database which contains users’ enrollment data. |
| Easier Deployment: | Easy to deploy in a matter of minutes with very little effort even in a large IT environment, and doesn’t need any pre-requisites. |
Key Features ADSelfService Plus
| Features | Description | ManageEngine ADSelfService Plus Try now |
Hitachi ID Password Manager |
|---|---|---|---|
| Password Reset | Users can reset their forgotten passwords without calling helpdesk | ||
| Account Unlock | Users can unlock their locked out accounts without calling helpdesk | ||
| Password Expiry Notification | Notify users to change password before it expires | ||
| Account Expiry Notification | Notify users and their managers about impending acccout expiry | ||
| Real-Time Password Change Notification | Notify users as and when their passwords are chaged/reset natively in Windows | ||
| Employee Directory Self-Update | Employees can update their profile information such as contant number in Active Directory | ||
| Password Synchronizer | Synchronize Windows password changes with onpremise and SaaS applications | ||
| Real-Time Password Sync Agent | Synchronize native password changes with associated systems and applications | ||
| Mail Group Subscription | Users can opt-in or opt-out of Distribution Groups all by themselves | ||
| Employee Search | Users can search for their colleagues information | ||
| Organization Chart | Users can find their position in the organization hierarchy | ||
| Change Password | Users can change their password from anywhere, anytime | ||
| Single Sign-on | Automatically detects applications that use Windows credentials and logs in the users |
(only works with ADSelfService Plus) |
(only works with apps that use Windows credentials) |
| Accessibility | |||
| Web and Mobile based Portal | Users can access the selfservice portal from a web or mobile browser | ||
| Windows Login Agent | Users can access the selfservice portal from the Windows login prompt | ||
| Mac Login Agent | Users can access the selfservice portal from the Mac OS X login prompt | ||
| Android and iPhone Native Mobile Apps | Android and iPhone apps for ‘on the go’ password reset and account unlock | ||
| Telephone access | Users can call a telephone number and avail selfservice | ||
| Multi-factor Authentication | |||
| Available authentication techniques | Authentication techniques available to verify users’ identity | Challenge Questions, Email & SMS-based OTP and Google Authenticator | Challenge Questions, SMSbased OTP, Voice Biometrics, Smart Cards, Hardware Tokens |
| Enrollment Options | |||
| Force enrollment | Users can be forced to enroll when they log in to their system | ||
| Enrollment reminders | Users can be asked to enroll by sending them an enrollment reminder via email | ||
| Auto Enrollment | Import enrollment data from a CSV file and enroll users without their intervention | ||
| External Database Support | Reuse Security Q&A data of users from your inhouse database |
(Supports Oracle, MS SQL, MySQL) |
|
Security and Convenience ManageEngine ADSelfService Plus
| Features | Description | ManageEngine ADSelfService Plus Try now |
Hitachi ID Password Manager |
|---|---|---|---|
| Encryption Algorithm | Encryption algorithm used to store challenge response answers and other data | SHA – 512/MD5 for storing Security Q&A and AES-256 for storing other data | AES-128 for storing Security Q&A and SHA-1 for old password history |
| Password Reset/Account Unlock Email Notifications | Notify users via e-mail & SMS upon successful password reset / change / account unlock |
(Supports both Email and SMS) |
Not Known |
| Enforce Password History | Enforce Active Directory Password History Settings during password reset | Not known | |
| CAPTCHA Verification | A challenge-response test used to determine whether or not the user is human | ||
| Restrict Inactive Users | Restrict disabled, expired, deleted user accounts from using the application | ||
| Block Users | Users who repeatedly fails password self-service will be automatically blocked for a few minutes |
Additional Features
| Key Features | Description | ManageEngine ADSelfService Plus Try now |
Hitachi ID Password Manager |
|---|---|---|---|
| Independent of Installation Prerequisites | Application can be installed without any prerequisites |
(Must be configured with a SQL-based relational database) |
|
| Multi-language support | Built-in support for multiple languages |
(Supports 17 languages) |
(Requires manual configuration of certain files) |
| Integration with other applications | Avail self-service password reset & account unlock from other applications | OWA, SharePoint, Citrix | Not Known |
| Rebranding | Customize the self-service portal with your own name, logo, etc. |
(Requires manual configuration of files in the installation folder) |
|
| OU-based feature restriction | Restrict features to certain users based on Organization Units | Not Known | |
| Unlock PC with Full Disk Encryption | Users can unlock their computer protected with a disk encryption |
Reporting Capabilities:
| Features | Description | ManageEngine ADSelfService Plus Try now |
Hitachi ID Password Manager |
|---|---|---|---|
| User Action Audit Reports | Reports on user actions, their password status and more | ||
| Password and Account Status Report | Reports on users with soon-toexpire passwords, locked-out users, password expired users | ||
| Enrollment Status Report | Report on users’ enrollment status | ||
| Export Reports | Reports can be saved for later use in a target file format such as HTML, PDF, CSV, etc. |
(supports export via only SQL or CSV file) |
|
| Reports Scheduler | Scheduler to create and send selected reports via email | ||
| OU Level Reports | Customize reports view from domain based to OU based | Not known |
Can the solution be considered value for money?
The professional version starts at $ 1195 for 500 users.
Conclusion
Both ADSelfService Plus and Hitachi ID Password Manager offer nice set of features to clamp down on password related help desk calls. While Hitachi ID Password Manager focusses solely on password management, ADSelfService Plus offers some extra self-service features like ‘Directory Self-update’, ‘Mail Group Subscription’ and ‘Employee Search’. Also, ADSelfService Plus is priced affordably, and is easier to configure and customize. Overall, ADSelfService Plus will give you a better return on investment and will ensure that password reset calls are a thing of the past in your organization.
