Pricing  Get Quote

Self-service password reset software

for Active Directory and cloud applications

Start free trial

Password reset tickets: the bane of both IT teams and end users. When the number of password reset tickets increases, IT teams often push more critical issues down the queue so users don't have to put their work on hold for too long while their passwords are reset. When left unchecked, password reset tickets can become expensive, since close to 30% of all help desk tickets are caused by forgotten passwords. Unsurprisingly, several large businesses have spent over $1 million trying to resolve password-related help desk calls.

ADSelfService Plus is an identity security solution with multi-factor authentication (MFA), single sign-on, and self-service password management capabilities that can eliminate password reset tickets. Simply put, whether it's a forgotten Microsoft 365 or Active Directory (AD) password, ADSelfService Plus enables users to reset their passwords on their own without IT assistance.

Self-service password reset from anywhere, at any time

With the adoption of cloud applications and bring your own device (BYOD) policies increasing, users are leveraging multiple access points aside from their Windows PC to complete their work. ADSelfService Plus enables users to perform self-service password reset and account unlock regardless of whether they're in the office, on the move, or at home.


    Password reset from logon screens

    Allow users to reset passwords from their Windows, macOS, and Linux logon screens. Learn more


    Password reset from mobile devices

    Empower users to reset their passwords from their Android and iOS devices. Learn more


    Password reset from a private network

    Allow users to update their local cached credentials after a remote password reset. Learn more


    Password reset from web browsers

    Enable users to securely reset their password using a web browser with the ADSelfService Plus portal.

Supported platforms

ADSelfService Plus supports multiple user directories for self-service password reset, including AD, OpenLDAP, AD LDS, Google Workspace, MS SQL, Salesforce, Microsoft 365, AS400, HP UX, and Oracle DB.

How self-service password reset works

  • A user who has forgotten their password initiates a password reset request from either the ADSelfService Plus web portal's login screen, their machine's logon screen, or using the ADSelfService Plus mobile app.
  • ADSelfService Plus checks the enrollment status and the policy settings that are applicable to the user, and presents relevant MFA authenticators to the user from a list of 19 different supported MFA authenticators.
  • After successful identity verification, the user is presented with the password reset screen where they can reset their password with the help of the displayed password policies.
  • Once the password is reset, ADSelfService Plus updates AD with the new password. The user is then notified, either through email, SMS, or push notification, about the status of the password reset operation.
  • The user will then be able to log in to their account using the newly reset password.

Stringent MFA techniques to secure password resets

ADSelfService Plus enables admins to trigger a preconfigured authentication workflow once users initiate a self-service password reset request. It offers 19 different authentication techniques including biometrics and YubiKey to authenticate users during self-service password reset and account unlock. Some users have access to sensitive business data, and if their accounts are cracked by a malicious hacker, it can lead to disastrous consequences. To combat this, ADSelfService Plus offers admins the option to enforce different authentication types for different types of users.

Configure MFA for self-service password resets in ADSelfService Plus

Advanced conditional access policies to enhance security

ADSelfService Plus' conditional access policies allow admins to set context-based rules to raise or lower the authentication flow set for self-service password reset. The authentication factors are altered based on the IP address, time of request, device used, and the geolocation of a user. For example, if a self-service password reset request is received from an untrusted IP address, the user might be required to go through three factors of identity verification, the mandatory one being a biometric factor.

Configure MFA for self-service password resets in ADSelfService Plus

Strong passwords that can thwart various password attacks

ADSelfService Plus' Password Policy Enforcer ensures stringent password policies that prevent the use of patterns, dictionary words, and repetition in newly created passwords. Also, through Have I been Pwned integration, ADSelfService Plus can ban breached passwords from your organization. This thwarts multiple password-based cyberattacks including brute-force, credential stuffing, and dictionary attacks.

Configure MFA for self-service password resets in ADSelfService Plus

Secure remote password reset for hybrid work environment

ADSelfService Plus allows users to reset their passwords securely from anywhere, at any time. They can reset their passwords even when they are not connected to the organization's network with the cached credentials update feature in ADSelfService Plus. This ensures uninterrupted user productivity and lessens the workload on the IT desk.

Configure MFA for self-service password resets in ADSelfService Plus

Major authenticators supported by ADSelfService Plus

ADSelfService Plus has many authentication factors that can secure user accounts better than passwords, such as:

For the complete list of supported authenticators, click here.


    Fingerprint authentication


    Microsoft Authenticator




    Duo Security


    Google Authenticator


    YubiKey Authenticator

Types of password reset tickets admins and help desk teams encounter from end users

  • I have forgotten my Windows login password
  • I am not able to log in to my account
  • Someone has changed my Windows AD password, and I want to reset it
  • I am not able to log in to my account with my domain password
  • How do I recover my account? How do I change my user password?
  • I have shared my password identity with my fellow employee and want to change it to a new password. How do I change my password in AD?
  • Can I use my neighbor's machine and change my domain password using a web browser?
  • Can I change my password from the Ctrl+Alt+Del screen?

These routine password queries can be eliminated using a self-service password reset solution, and your best bet is ADSelfService Plus.

Ensure 100% enrollment with ADSelfService Plus

Before users can take advantage of the password reset tool, they must complete enrollment. Users need to enter their mobile phone number and email address, answer security questions, or provide other details in ADSelfService Plus to register for self-service employee password management.

ADSelfService Plus enables IT admins to:


    Send alerts

    Notify users to enroll in password self-service via email and push notifications.


    Force users to enroll

    Force users to enroll when they log in to their machines with a persistent pop-up on their desktop.


    Preload user profiles

    Utilize users' existing AD information for enrollment.


    Upload enrollment data

    Automatically enroll users by importing enrollment data from CSV files or an external database.

Why choose ADSelfService Plus as your self-service password reset tool?


    Improved ROI

    Witness drastic reductions in password-related tickets and help desk costs after deploying ADSelfService Plus. You can calculate the ROI you get on deploying ADSelfService Plus here.


    Enhanced user experience

    Empower users to take responsibility for their own passwords and profile information. This will add value to their role in the organization while reducing the load on the help desk team.


    Flexibility and security

    Allow users to reset passwords and unlock their accounts from anywhere, at any time. You can also create different policies for different types of users in the organization according to their role and level of access to sensitive data.


    Simplified auditing and tracking

    Give administrators a holistic overview of their users' password status through several comprehensive ADSelfService Plus reports. In addition to simplifying management, this solution makes collecting data for legal auditing easy.


  • 1. What is self-service password reset?

    Self-service password reset empowers users to reset their own passwords after going through adequate identity verification with zero intervention from the help desk.

  • 2. Is self-service password reset safe?

    Self-service password reset can be considered safer than an admin password reset because the credentials are not exposed in plaintext and are known only to the user. Furthermore, the process can be secured with strong authentication factors.

  • 3. Why should I enable self-service password reset?

    Implementing self-service password reset drastically reduces the burden on the IT desk, saves costs incurred due to password reset tickets, and enhances security.

  • 4. How does ADSelfService Plus help with self-service password reset?

    ADSelfService Plus is a self-service password reset tool that helps users reset their own Windows AD passwords without IT assistance. Using this password reset solution, users can easily reset their passwords from a web portal, their logon screens, or their mobile devices.

  • 5. How do I reset my forgotten password using ADSelfService Plus?

    Go to ADSelfService Plus' password reset screen from a web browser, your machine's login screen, or the mobile app, and complete the required identity verification steps to reset your enterprise password. If you don't have ADSelfService Plus already installed, you can download and install the application using these links.

Self-service password reset tool for
Windows AD, G Suite, etc.


ADSelfService Plus also supports


    Adaptive MFA

    Enable context-based MFA with 19 different authentication factors for endpoint and application logins.

    Learn more  

    Enterprise single sign-on

    Allow users to access all enterprise applications with a single, secure authentication flow.

    Learn more  

    Remote work enablement

    Enhance remote work with cached credential updates, secure logins, and mobile password management.

    Learn more  

    Powerful integrations

    Establish an efficient and secure IT environment through integration with SIEM, ITSM, and IAM tools.

    Learn more  

    Enterprise self-service

    Delegate profile updates and group subscriptions to end users and monitor these self-service actions with approval workflows.

    Learn more  

    Zero Trust

    Create a Zero Trust environment with advanced identity verification techniques and render your networks impenetrable to threats.

    Learn more  

ADSelfService Plus trusted by