Avoiding The Password Reset Storm In 5 Steps

Password

The post-holiday blues affect us all, but IT administrators bear a heavier burden when it comes to workforces returning to their desks at the end of the summer holiday period.  As workers return from well-earned breaks, they find themselves having to re-familiarise themselves with their working processes. This all begins with one crucial step that many find impossible to complete: logging into their user accounts.

After three failed attempts at typing in their forgotten passwords, workers replace panic with relief when they remember that the IT help desk is on hand to guide them through such scenarios. However, things aren’t so simple at the other end of the line, where IT admins find themselves flooded with calls regarding the same problem.

According to Gartner statistics, 30 percent of all help desk calls are related to password problems, yet contrary to beliefs held by the wider workforce, IT admins have other important tasks and projects to be getting on with. The post-holiday password storm will undoubtedly cause a dip in efficiency, year after year, yet there is a solution available that can save organisations from their annual Groundhog Day.

A self-service password management solution is a great way to combat password-related issues. Not only is a self-service system faster and more effective, but it’s also more secure, placing only the end users in control of their passwords. Moreover, Forrester research revealed 72 percent of users prefer to use a self-service system rather than call or email support.

There is a myriad of self-service tools in the market but simply deploying one will not make password-related help desk calls go away. It is paramount to understand what makes password self-service solutions work for end users, so your help desk is not inundated with password reset tickets after holidays.

Here’s a checklist of what you need to do before vacation starts to keep password-related help desk calls at bay:

1. Enforce Universal Enrolment

Make sure that end users are enrolled for password self-service before they go on annual leave. Enrolment reminders via email are futile because most users don’t act unless they absolutely have to. This is where a forced enrolment technique—where users are shown a non-closable full screen enrolment wizard when they log in to their machines—comes in handy. Forced enrolment helps drive up the enrolment rate. Another method is to automatically enrol users by importing enrolment data from a CSV file or directly from Active Directory.

2. Make It Convenient

Most end users only realise that they’ve forgotten their passwords when they’re prompted to enter their credentials during login. When that happens, their immediate reaction is to call the help desk. To avoid this, integrate your self-service solution with the most commonly used applications in your organisation, such as Outlook Web Access (OWA), SharePoint, and Citrix. Your self-service solution should also have login clients (credential providers) that can integrate with the Windows login screen.

3. Access For Everyone

Apart from users who work at the office, users who are on the road may also need assistance with forgotten passwords. For remote users, make sure your self-service solution can handle password reset through cached credentials update. And if there are domain users who log in to Macs, then your self-service solution must be capable of catering to their password reset requests, too. Most important of all, a mobile app is a must for providing easy access to self-service password resets.

4. Encourage A Proactive Approach

If you’ve enabled a maximum password age, there’s a good chance that a number of users’ passwords will expire over the holiday. As a counter measure, keep users informed about their password expiration dates by periodically sending them reminders. Of course, most end users won’t check their emails during vacation. So, sending password expiration notifications via SMS and push notifications will help increase the read rate. Also, make sure that your self-service solution is available over the internet so that users can change their passwords remotely.

5. Analyse & Optimise

Finally, once the password reset storm has subsided, examine how many password reset calls were handled by the help desk and how many were handled by the self-service system in the first week after annual leave. Find out, which access modes and authentication methods users used. And use that information to enhance users’ self-service experience by giving them more choices for access modes and authentication methods so that they’ll continue to use the self-service solution for all their password-related troubles.

Self-service password management not only saves on operating costs for companies but also improves end user and help desk productivity. Still, neglecting to implement any of the above functionalities could seriously hamper the effectiveness of your self-service solution and, eventually, its return on investment. If your self-service password management solution lacks any of the features above, then it’s time to look at other solutions. These tips should help to beat the post-holiday password reset blues.

Radha Krishnan

Radhakrishnan is a Senior Product Marketing Analyst at ManageEngine. With extensive knowledge in identity and access management (IAM) field, he helps solve challenges faced by IT admins across the globe.