The majority of time, when performing password resets, you want security measures in place so you know the person or persons receiving new passwords can be verified to be who they say they are. With a self-service password reset solution like PeoplePassword, this verification involves a configurable process of multi-factor authentication. This process is important whether the user is performing their own password reset or the help desk is walking a user through doing so. In either instance it’s essential for the user to identify themselves. Simply calling the helpdesk and saying “I’m Jane Doe, please reset my password” isn’t good enough these days. To reset passwords without multi-factor authentication in most cases is a mistake.
There are some instances, however, when you want to be able to delegate password reset functions where no factors of authentication are required. One common example we see of this might be in a school
or university environment where teachers and/or faculty need the ability to reset student’s passwords. Burdening the IT helpdesk and delaying classroom productivity is not a good option. In these cases multi-factor-authentication can be overkill since the student is there in person and can readily identify themselves. New passwords are communicated safely on the spot.
Password Resets on Multiple Platforms in Real-Time
A further requirement is to be able to reset passwords on multiple platforms in real-time. It’s not good enough to reset a password in on premise Active Directory (for example) and to have to wait some amount of time for a sync to occur with G Suite or Azure Active Directory in the cloud. In some situations, waiting for a sync for a data update is palatable. With password data, it’s just more lost productivity as a user has to wait some (usually unknown) amount of time before the sync happens.
PeopleUpdate Password Resets With Secure Delegation
In PeopleUpdate you can delegate such a function to reset passwords in multiple directory platforms in real-time. Reset user’s passwords in on premise Active Directory, Azure
Active Directory, and G Suite all at once or selectively in real-time.
As with all of PeopleUpdate’s management functionality, you can control who can access this functionality. In the context of user password resets, you can also control the scope of an individual user’s search. In the classroom example, that might mean only giving a faculty member the ability to reset passwords of students in his or her class but to no other user in the system.
This functionality comes out of the box ready to configure if needed. For example, you could give the option to force the affected user to change their password the next time they logon or to unlock their account if they tried too many times to access and became locked out.
This password reset functionality can be configured to your liking on multiple platforms without scripting or coding.