Pricing  Get Quote

Self-service password reset software

for Active Directory and enterprise applications

Start free trial

Active Directory self-service password reset

Password reset tickets are the bane of both IT teams and end users. When the number of password reset tickets increases, IT teams often push more critical issues down the queue so users don't have to put their work on hold for too long while their passwords are reset. When left unchecked, password reset tickets can become quite expensive. Unsurprisingly, several large businesses have spent close to a million dollars resolving their password-related help desk calls.

ADSelfService Plus, an identity security solution with MFA, SSO, and self-service password management capabilities, can eliminate your IT team's password reset tickets by empowering your end users with self-service. Whether it's a forgotten Microsoft 365 or AD password, ADSelfService Plus enables users to reset their passwords on their own without IT assistance.

Self-service password reset from anywhere, at any time

With the increasing adoption of cloud applications and BYOD policies, users are leveraging multiple access points aside from their workstations to complete their tasks. ADSelfService Plus enables users to perform self-service password resets and account unlocks regardless of their location.


    Password reset from logon screens

    Allow users to reset passwords from their Windows, macOS, and Linux login screens.Learn more


    Password reset from mobile devices

    Empower users to reset their passwords from their Android and iOS devices. Learn more


    Password reset from a private network

    Allow users to update their locally cached credentials after a remote password reset. Learn more


    Password reset from web browsers

    Enable users to securely reset their password using ADSelfService Plus' web portal.

Supported platforms

ADSelfService Plus supports multiple user directories for self-service password reset, including: AD, Microsoft 365, OpenLDAP, AD LDS, Google Workspace, MS SQL, Salesforce, IBM AS400, HP UX, and Oracle DB.

How self-service password reset works

  • A user who has forgotten their password initiates a password reset request from either the ADSelfService Plus web portal's login screen, their machine's login screen, or using the ADSelfService Plus mobile app.
  • ADSelfService Plus checks the users' enrollment status and the policy settings applicable to them, and presents relevant MFA authenticators to the user from a list of 20 different supported MFA authenticators.
  • After successful identity verification, the user is presented with the password reset screen where they can reset their password with the help of the displayed password policies.
  • Once the password is reset, ADSelfService Plus updates the AD with the new password. The user is then notified, either through email, SMS, or push notification, about the status of the password reset operation.
  • The user will then be able to log in to their account using their new password.

Stringent MFA techniques to secure password resets

ADSelfService Plus enables admins to trigger a preconfigured authentication workflow once users initiate a self-service password reset request. It offers 20 different authentication techniques including FIDO passkeys, biometrics, and YubiKey to authenticate users during self-service password reset and account unlock. Some users have access to sensitive business data, and if their accounts are hacked by an attacker, it can lead to disastrous consequences. To combat this, ADSelfService Plus offers admins the option to enforce authenticators of varying intensities for different types of users.

Conditional access policies to automate access control

ADSelfService Plus' conditional access policies allow admins to set context-based rules or conditions to vary the intensity of the authentication process for self-service password reset. The authentication factors present to users are altered based on their IP address, time of request, device used, and geolocation. For example, if an AD self-service password reset request is received from an untrusted IP address outside of business hours, the user will be presented with more stringent authenticators for identity verification as configured.

Strong passwords that can thwart various password attacks

ADSelfService Plus' Password Policy Enforcer provides stringent password policies that restrict the use of predictable patterns, dictionary words, and repeated characters in newly created passwords. Also, by integrating ADSelfService Plus with Have I been Pwned, a breached password database, you can block weak and compromised passwords from your organization. This way, you can defend against multiple password-based cyberattacks, including brute-force, credential stuffing, and dictionary attacks.

Secure remote password reset for hybrid work environments

ADSelfService Plus allows users to reset their passwords securely from anywhere, at any time. This means that they can perform a remote self-service password reset even when they are not connected to the organization's network. ADSelfService Plus' cached credentials update feature then updates their locally cached credentials with the newly reset password, ensuring uninterrupted user productivity and reduced IT workload.

Supported authenticators for password self-service

ADSelfService Plus supports many authentication factors to secure password self-service, such as:

For the complete list of authenticators, click here.


    FIDO passkeys


    Fingerprint authentication


    Microsoft Authenticator




    Duo Security


    YubiKey Authenticator

Types of password reset tickets admins and help desk teams encounter from end users

  • I have forgotten my Windows password.
  • I am unable to log in to my account.
  • Someone has changed my Windows AD password, and I want to reset it.
  • I am unable to log in to my account with my AD domain password.
  • How do I recover my AD account?
  • How do I change or reset my Windows AD password?
  • I have shared my password with a colleague and want to change it. How do I change my AD password?
  • Can I use my colleague's machine and change my domain password using a password self-service web portal?
  • Can I change my password myself from the Ctrl+Alt+Del screen?

These routine password queries can be eliminated using a self-service password reset tool, and your best bet is ADSelfService Plus.

Ensure 100% enrollment with ADSelfService Plus

Before users can take advantage of password self-service using ADSelfService Plus, they must be fully enrolled in MFA. To make the enrollment process smooth for both IT administrators and end users, ADSelfService Plus allows you to:


    Send alerts

    Notify users to enroll in MFA via email and push notifications.


    Force users to enroll

    Force users to enroll when they log in to their machines with a persistent pop-up dialogue box.


    Preload user profiles

    Utilize users' existing AD information for enrollment.


    Upload enrollment data

    Automatically enroll users by importing necessary enrollment data from an external database or using CSV files.

Why choose ADSelfService Plus as your self-service password reset software?


    Improved ROI

    Witness drastic reductions in password-related tickets and help desk costs after deploying ADSelfService Plus. You can calculate the ROI you get on deploying ADSelfService Plus here.


    Enhanced user experience

    Empower users to securely manage their own passwords and profile information, adding value to their role in the organization while reducing the load on the help desk team.


    Flexibility and security

    Allow users to reset passwords and unlock their accounts from anywhere, at any time. You can also create different policies for different types of users in the organization according to their role and level of access to sensitive data./p>


    Simplified auditing and tracking

    Audit and monitor your users' passwords and the status of their self-service actions using ADSelfService Plus. Besides simplifying password management, ADSelfService Plus makes collecting data for legal auditing easy.


  • 1. What is self-service password reset?

    Self-service password reset empowers users to reset their own passwords after successfully verifying their identity without help desk assistance.

  • 2. Is self-service password reset safe?

    Self-service password reset is safer than a password reset performed by an IT administrator because the former ensures that only the user knows their newly reset password. The latter not only causes the IT admin to unnecessarily know a user's password, but it also exposes the password to attacks as it is transmitted over the network to the user.

    In self-service password reset, users are verified with strong authentication factors, which adds to the security of the process.

  • 3. Why should I enable self-service password reset?

    Implementing self-service password reset drastically reduces the burden on the IT help desk, saves costs incurred due to password reset tickets, and enhances organizational security.

  • 4. How does ADSelfService Plus help with self-service password reset?

    ADSelfService Plus is a self-service password reset tool that helps users reset their own AD passwords without IT assistance. Using ADSelfService Plus, users can easily reset their passwords either from a web portal, their logon screens, or their mobile devices.

  • 5. How do I reset my forgotten password using ADSelfService Plus?

    To reset your password using ADSelfService Plus, go to ADSelfService Plus' password reset web portal, your machine's login screen, or the mobile app, and complete the required identity verification steps to reset your domain password. If you don't have ADSelfService Plus already installed, you can download and install the solution using these links.

Empower your users with secure
self-service password reset using ADSelfService Plus


ADSelfService Plus also supports


    Adaptive MFA

    Enable context-based MFA with 19 different authentication factors for endpoint and application logins.

    Learn more  

    Enterprise single sign-on

    Allow users to access all enterprise applications with a single, secure authentication flow.

    Learn more  

    Remote work enablement

    Enhance remote work with cached credential updates, secure logins, and mobile password management.

    Learn more  

    Powerful integrations

    Establish an efficient and secure IT environment through integration with SIEM, ITSM, and IAM tools.

    Learn more  

    Enterprise self-service

    Delegate profile updates and group subscriptions to end users and monitor these self-service actions with approval workflows.

    Learn more  

    Zero Trust

    Create a Zero Trust environment with advanced identity verification techniques and render your networks impenetrable to threats.

    Learn more  

ADSelfService Plus trusted by