Five steps to avoid the password reset storm - deploying self-service key
Five steps to avoid the password reset storm - deploying self-service key

Many of us may have been enjoying another fine summer but IT administrators will be familiar with a certain dread associated with this time of year. For it is at the end of the holidays when many return to work in droves that the post-holiday password reset storm begins.

The help desk is flooded with calls echoing the same issue – the forgotten password and the subsequent locked user account after three failed attempts. Forgetfulness is in our nature. It's part of what makes us human, yet it shouldn't cause such a bottleneck in efficiency – the kind that many organisations experience when the holidays come to an end.

Research from Gartner tells us that 30 percent of all help desk calls are related to password problems, yet there is a solution available that can save organisations from their annual groundhog day.

A great way to combat password-related issues is to use a self-service password management solution. Not only is a self-service system faster and more effective, but it's also more secure because end users alone are in charge of their passwords. Moreover, 72 percent of users prefer to use a self-service system rather than call or email support, according to Forrester. There are a myriad of self-service tools in the market. But simply deploying one will not make password-related help desk calls go away. It is paramount to understand what makes password self-service solutions work for end users, so your help desk is not inundated with password reset tickets after holidays.

Here's a checklist of what you need to do to keep password-related help desk calls at bay:

1.            Make sure users are enrolled

Make sure that end users are enrolled for password self-service before they go on annual leave. Enrollment reminders via email are futile because most users don't take action unless they absolutely have to. This is where a forced enrollment technique—where users are shown a non-closable full screen enrollment wizard when they log in to their machines—comes in handy. Forced enrollment helps drive up the enrollment rate. Another method is to automatically enroll users by importing enrollment data from a CSV file or directly from Active Directory.

2.            Make it easy to find

Most end users only realise that they've forgotten their passwords when they're prompted to enter their credentials during login. When that happens, their immediate reaction is to call the help desk. To avoid this, integrate your self-service solution with the most commonly used applications in your organisation, such as Outlook Web Access (OWA), SharePoint, and Citrix. Your self-service solution should also have login clients (credential providers) that can integrate with the Windows login screen.

3.            Make it accessible for all

Apart from users who work at the office, users who are on the road may also need assistance with forgotten passwords. For remote users, make sure your self-service solution can handle password reset through cached credentials update. And if there are domain users who log in to Macs, then your self-service solution must be capable of catering to their password reset requests, too. Most important of all, a mobile app is a must for providing easy access to self-service password resets.

4.            Help users be proactive

If you've enabled a maximum password age, there's a good chance that a number of users' passwords will expire over the holiday. As a counter measure, keep users informed about their password expiration dates by periodically sending them reminders. Of course, most end users won't check their emails during vacation. So, sending password expiration notifications via SMS and push notifications will help increase the read rate. Also, make sure that your self-service solution is available over the internet so that users can change their passwords remotely.

5.            Examine results and optimise

Finally, once the password reset storm has subsided, examine how many password reset calls were handled by the help desk and how many were handled by the self-service system in the first week after annual leave. Find out, which access modes and authentication methods users used. And use that information to enhance users' self-service experience by giving them more choices for access modes and authentication methods so that they'll continue to use the self-service solution for all their password-related troubles.

Self-service password management not only saves on operating costs for companies but also improves end user and help desk productivity. Still, neglecting to implement any of the above functionalities could seriously hamper the effectiveness of your self-service solution and, eventually, its return on investment. If your self-service password management solution lacks any of the features above, then it's time to look at other solutions. These tips should help to beat the post-holiday password reset blues..

Contriubted by Radha Krishnan, marketing analyst, ManageEngine

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.