The Number One Tip to Helping Your Service Desk with Password Resets
For many companies and organizations, there’s a benefit to relying on managed services providers (MSPs) and security-as-a-service (SaaS) organizations. Both present cost-effective ways for you to ensure security professionals are continuously monitoring your data, applications, servers, and services—and it can be reassuring to know that dedicated teams of experts are on call on the off chance a problem does arise.
One of the most common issues MSPs and SaaS providers encounter is end-user password resets. For you, needing to reset a password may initially only seem like a minor inconvenience. But when multiple passwords for multiple end-users need resetting, it quickly begins to interfere with employee productivity—as well as your ability to attend to more pressing issues.
Lost or forgotten passwords also create vulnerabilities for your customers by presenting opportunities for hackers to access their systems. This means that manually resetting individual passwords is not only a poor use of time and resources, but also an inefficient security measure. The better option to ensure you’re following access and identity management best practices for your customers is to implement automated password reset tools.
What are automated password reset tools?
Simply put, self-service password reset solutions allow end users to reset their passwords as needed without requiring a technician to intervene. This is typically done through a password reset management app or platform. The password reset tool initiates a secure process that asks the end users to verify their identity with security questions or multifactor authentication (MFA). Advances in biometric technology such as optical scans or fingerprints are also starting to be incorporated into identity verification—and are far more secure than text-based passwords.
How self-service password reset tools benefit MSPs
Regardless of whether you’re working with medium-sized businesses or massive enterprises, choosing to implement password reset software will benefit both you and your customers in a number of ways.
First, since automated password reset tools will ask end users to verify their identity through one or more of the methods mentioned above, they can actually make self-service password reset management a more secure process. By removing the middleman, password reset software also reduces the risk of attempted phishing or identity theft, as self-service systems are designed to automatically provide an extra layer of automatic password reset security. By giving individual end users control over password reset requests, you’re ultimately simplifying the process.
Using automated password reset tools also ensures a reset request doesn’t interfere with your customers’ productivity. If customers are forced to wait for your help desk and technicians to respond, it creates several potential bottlenecks. By opting for password reset solutions that end users can engage with directly, you streamline the process, which allows you to devote your time and resources to other important security issues and concerns.
Once you adopt a self-service reset tool, it’s often beneficial for MSPs to create an easily accessible FAQ resource that guides end-users through each step of the password reset process. Providing this resource early—ideally during your customer’s employee onboarding—also gives you the opportunity to underscore the benefits of the self-service application or platform. For example, customers will love the fact that these tools give them the ability to reset passwords at any time of day, on any device or browser, all while knowing that not even their MSP will have access to their passwords.
What are self-service password reset management best practices?
Many of the best practices that apply to general password management carry over to automated self-service portals. Here are a few best practices to keep in mind:
- Require complex passwords. Part of your due diligence is staying abreast of current security best practices. When it comes to password strength, the current position is to create strings that combine uppercase and lowercase letters with numbers and special characters. Self-service password platforms will allow you to specify requirements for passwords, which helps to enforce security across the board.
- Leave system passwords to your customers. Requiring MSPs to access and manage customer passwords in databases is a security risk. Control over your customers’ system passwords should stay where they belong—with your customers.
- Remove security questions. According to the new NIST guidelines, knowledge-based authentication, more commonly known as security questions, are no longer permitted. In the age of public social media, the answers to these questions are often too easy to figure out and thus add vulnerabilities to your customers’ accounts.
- Implement biometric technology, if possible. Smartphones can recognize fingerprints and facial scans, which are far more secure than even a highly complex password. Instituting biometric touch technology in conjunction with automated password reset tools creates a highly secure authentication method.
- Enforce password lockouts. While not always the case, multiple failed login attempts can be indicative of potentially malicious activity. You can add in an extra layer of security by locking out users after a certain number of failed attempts, which can in turn automatically force a reset to ensure that any attempted hacks are stopped.
A better approach to password security
The good news is that SolarWinds® Passportal Blink offers efficient password management, so you’re better able to provide best-in-class security to your customers.
Passportal Blink is a self-service password reset management tool that gives end users the ability to quickly and efficiently reset their passwords for a variety of systems, including Windows, Active Directory, Azure AD, and more. The SolarWinds Passportal Blink mobile app uses biometric fingerprint scans for added security, which also allows users to reset their passwords even if their Microsoft accounts aren’t accessible. Start to finish, the password reset process often takes less than one minute for end users, and provides a value-adding service for both your MSP and your customers.
- How a Self-Service Password Reset Tool Can Benefit MSPs
- How Eliminating Password Reset Tickets Can Increase Profits
- Cybersecurity Tip #8: Observe Password Best Practices
SolarWinds® adds Passportal suite to its MSP product portfolio. MSP security, simplified. SolarWinds® Passportal + Documentation Manager is a SOC 2 certified, RAPID 7 tested, award winning platform.
Grow your business faster with the world's first unified platform for true password management and secure IT documentation. More than 2,000 best-in-class MSPs around the world are leveraging our security, automation, and rapid access client knowledge to out preform the competition.