N-able

Solutions for MSPs and IT Teams

Blog > Uncategorised

The Number One Tip to Helping Your Service Desk with Password Resets

By N-able
17th March, 2020
Uncategorised

For many companies and organizations, there’s a benefit to relying on managed services providers (MSPs) and security-as-a-service (SaaS) organizations. Both present cost-effective ways for you to ensure security professionals are continuously monitoring your data, applications, servers, and services—and it can be reassuring to know that dedicated teams of experts are on call on the off chance a problem does arise.

Related Product

Passportal

Help secure credentials with password and documentation management for MSPs.

Find out more

One of the most common issues MSPs and SaaS providers encounter is end-user password resets. For you, needing to reset a password may initially only seem like a minor inconvenience. But when multiple passwords for multiple end-users need resetting, it quickly begins to interfere with employee productivity—as well as your ability to attend to more pressing issues.

Lost or forgotten passwords also create vulnerabilities for your customers by presenting opportunities for hackers to access their systems. This means that manually resetting individual passwords is not only a poor use of time and resources, but also an inefficient security measure. The better option to ensure you’re following access and identity management best practices for your customers is to implement automated password reset tools.

What are automated password reset tools?

Simply put, self-service password reset solutions allow end users to reset their passwords as needed without requiring a technician to intervene. This is typically done through a password reset management app or platform. The password reset tool initiates a secure process that asks the end users to verify their identity with security questions or multifactor authentication (MFA). Advances in biometric technology such as optical scans or fingerprints are also starting to be incorporated into identity verification—and are far more secure than text-based passwords.

How self-service password reset tools benefit MSPs

Regardless of whether you’re working with medium-sized businesses or massive enterprises, choosing to implement password reset software will benefit both you and your customers in a number of ways.

First, since automated password reset tools will ask end users to verify their identity through one or more of the methods mentioned above, they can actually make self-service password reset management a more secure process. By removing the middleman, password reset software also reduces the risk of attempted phishing or identity theft, as self-service systems are designed to automatically provide an extra layer of automatic password reset security. By giving individual end users control over password reset requests, you’re ultimately simplifying the process.

Using automated password reset tools also ensures a reset request doesn’t interfere with your customers’ productivity. If customers are forced to wait for your help desk and technicians to respond, it creates several potential bottlenecks. By opting for password reset solutions that end users can engage with directly, you streamline the process, which allows you to devote your time and resources to other important security issues and concerns.

Once you adopt a self-service reset tool, it’s often beneficial for MSPs to create an easily accessible FAQ resource that guides end-users through each step of the password reset process. Providing this resource early—ideally during your customer’s employee onboarding—also gives you the opportunity to underscore the benefits of the self-service application or platform. For example, customers will love the fact that these tools give them the ability to reset passwords at any time of day, on any device or browser, all while knowing that not even their MSP will have access to their passwords.

What are self-service password reset management best practices?

Many of the best practices that apply to general password management carry over to automated self-service portals. Here are a few best practices to keep in mind:

  • Require complex passwords. Part of your due diligence is staying abreast of current security best practices. When it comes to password strength, the current position is to create strings that combine uppercase and lowercase letters with numbers and special characters. Self-service password platforms will allow you to specify requirements for passwords, which helps to enforce security across the board.
  • Leave system passwords to your customers. Requiring MSPs to access and manage customer passwords in databases is a security risk. Control over your customers’ system passwords should stay where they belong—with your customers.
  • Remove security questions. According to the new NIST guidelines, knowledge-based authentication, more commonly known as security questions, are no longer permitted. In the age of public social media, the answers to these questions are often too easy to figure out and thus add vulnerabilities to your customers’ accounts.
  • Implement biometric technology, if possible. Smartphones can recognize fingerprints and facial scans, which are far more secure than even a highly complex password. Instituting biometric touch technology in conjunction with automated password reset tools creates a highly secure authentication method.
  • Enforce password lockouts. While not always the case, multiple failed login attempts can be indicative of potentially malicious activity. You can add in an extra layer of security by locking out users after a certain number of failed attempts, which can in turn automatically force a reset to ensure that any attempted hacks are stopped.

A better approach to password security

The good news is that N‑able® Passportal Blink offers efficient password management, so you’re better able to provide best-in-class security to your customers.

Passportal Blink is a self-service password reset management tool that gives end users the ability to quickly and efficiently reset their passwords for a variety of systems, including Windows, Active Directory, Azure AD, and more. The Blink mobile app uses biometric fingerprint scans for added security, which also allows users to reset their passwords even if their Microsoft accounts aren’t accessible. Start to finish, the password reset process often takes less than one minute for end users, and provides a value-adding service for both your MSP and your customers.

Learn more about Passportal Blink and our other security management options on our blog.

Additional Reading

© N‑able Solutions ULC and N‑able Technologies Ltd. All rights reserved.

This document is provided for informational purposes only and should not be relied upon as legal advice. N‑able makes no warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information contained herein.

The N-ABLE, N-CENTRAL, and other N‑able trademarks and logos are the exclusive property of N‑able Solutions ULC and N‑able Technologies Ltd. and may be common law marks, are registered, or are pending registration with the U.S. Patent and Trademark Office and with other countries. All other trademarks mentioned herein are used for identification purposes only and are trademarks (and may be registered trademarks) of their respective companies.

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a trial.

If this issue persists, please visit our Contact Sales page for local phone numbers.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site