Features Assisted Password Reset

Assisted Password Reset

P-Synch® includes a help desk password reset console, which allows help desk analysts to assist callers without having direct administrative access to target systems:

• Help desk analysts sign into P-Synch with a web browser.

• Analysts can be authenticated using IDs and passwords internal to P-Synch or use pass-through authentication to an existing system.

  For example, help desk analysts may sign into P-Synch using their Active Directory ID and password, with P-Synch validating the membership of each analyst in a designated AD security group and granting appropriate P-Synch privileges based on that group membership.

• From the P-Synch web interface, analysts can search for the caller's profile by login ID or full name.

• Analysts can be required to authenticate the caller -- for example by keying answers to some of the user's personal questions, which P-Synch can validate against an internal database or external directory.

  Note that the same, different or overlapping question-and-answer data may be used for assisted password reset and for self-service authentication.

• Once both the analyst and caller have been authenticated, analysts can reset the caller's password, lock or unlock the caller's access to P-Synch or update the caller's profile. Assisted password resets may be configured to also expire the new password, requiring the user to change it on the next login.

• All transactions -- analyst login, user profile lookup, successful or failed password reset and more may trigger e-mails to the user, to the analyst or to a third party, such as a security officer. The same events can also trigger automatic creation, update or closure of tickets in a help desk call tracking system.

• Since only a single, simple web interface is used, an assisted password reset is normally completed in 1--2 minutes.

• User-filter and account-filter plug-in points are available, making it possible to delegate password reset capabilities to managers, platform administration groups and regional help desks and to ensure that such groups get only appropriate password reset and user profile lookup privileges.

• At no point in the process does an analyst require credentials to the systems where passwords are being reset. Instead, P-Synch uses its own credentials to sign into target systems, and these credentials are encrypted in an internal P-Synch database.

Assisted password reset reduces the cost of password support calls and ensures that such calls are uniformly processed in a consistent, secure fashion.

Integrations

After a password reset, or following any of 163 other types of events, P-Synch can create, update and close a trouble ticket in any of the following types of help desk systems:

• Axios Assyst
• BMC (formerly NAI) Magic (any version)
• CA Unicenter Help Desk
• Clarify eFrontOffice (currently just version 8)
• FrontRange HEAT (any version)
• HP Service Desk
• Peregrine ServiceCenter (any version)
• BMC/Remedy ARS (any version)
• Siebel ERM (any version; using web services)
• SupportSoft (any version; using web services)
• Tivoli Problem Management / Service Desk (any version)
• ... and more

© Hitachi ID Systems, Inc. 2008. All rights reserved.