A Flexible Workflow-Based Password Management Solution
As the first and only solution built on a workflow and role-based access control platform, EmpowerID Password Manager offers unprecedented functionality and customizability and delivers rapid ROI with the industry's most flexible and easy-to-use multi-directory password self-service reset solution.
As organizations improve security through the enforcement and implementation of stronger password policies, end-users are forced to remember a greater number of complex and frequently changing passwords. The cost of a single password reset in a medium-sized organization is estimated to be around $20. This figure can be reduced to as little as $3 accompanied by a 30% reduction in help desk call volume through automating portions of the reset process. Password Manager flexibility allows organizations to implement a reset process that meets their specific needs.
EmpowerID Password Manager ships with highly configurable workflows to deliver an optimal user experience for password reset, the self-service identity management function that touches every user in an organization. Password Manager accommodates complex scenarios only possible with the flexibility of the underlying Dot Net Workflow platform.
Password Manager performs four critical security functions:
Self-Service Password Reset
Password Manager delivers rapid cost savings by automating the password self-service process. It offers a flexible workflow-based process that allows users to reset forgotten passwords and to unlock their locked accounts from a variety of user interfaces including: the Windows login screen (GINA and Credential Provider), a friendly web interface, from within Microsoft SharePoint, and from the EmpowerID Management Console WPF application. Password self-service workflows can also be easily exposed as web services for integration into existing applications and portals.
Helpdesk Assisted Password Reset
In addition to self-service password resets, Password Manager provides workflows and friendly interfaces for helpdesk staff to perform assisted password resets and unlocks for users who call in for assistance. Helpdesk personnel have controlled access to view a person's directory and technical information about their directory accounts, including: lockout status, password last changed date, password expiration date, and more. Helpdesk password assistance workflows allow helpdesk staff to view the semi-private helpdesk questions that a user was asked when enrolling for password reset in order to verify their identity and to either reset a password or to send the user a one-time password for login. All activity by helpdesk staff is controlled via role-based security and all actions produce a rich audit trail and detailed compliance reports.
Cross-Directory Synchronization of Password Changes
Password Manager leverages the synchronization services of the Dot Net Workflow platform to synchronize password changes to all the connected directories in which a user has an account when a change occurs. The synchronization can be enabled on a per system basis and changes also can be propagated to custom applications for which a simple password sync connector has been defined in Workflow Studio, a rapid development tool. Password Manager also exposes web services for integration of the password reset and sync capabilities with existing systems or custom applications.
Detailed Reporting of All Password Activities and Usage Metrics
Password Manager provides detailed logging and reporting on all password management activities. Adoption and usage of password self-service can be tracked easily and measured to gauge adoption and overall solution ROI. Reports include the ability to see who has enrolled versus who has not; EmpowerID login history, enrollment frequency and history, password reset center lockouts, and all helpdesk activities. Existing reports can be customized and new reports can be created with an easy-to-use Dot Net Workflow report designer.
Why Password Manager
Password Manager eclipses tools offering only basic password reset functionality by providing extensive features and customizability to form a comprehensive solution that you won't outgrow. It offers:
- Forced Enrollment - Password Manager is the only solution with the ability to force user enrollment for self-service reset during the login process
- Windows Login Clients - It offers password reset clients for Windows XP and the Vista/Windows 7 login screens
- Domain Controller Agent - It captures and synchronize user password changes
- OTP Login - It offers one-time password generation for login and forgotten password reset
- Workflow - Its Microsoft Windows Workflow Foundation-based architecture allows complete customization of existing processes and the creation of your own processes to match any business need
- Cross Platform - It supports synchronizing password changes and unlocks between Active Directory, LDAP, and even custom applications
- User Experience - Its flexible user interface options include: web, SharePoint, Silverlight, and a rich WPF client
- Detailed reporting - It inventories all user account information including password last set, password expires on, and account lockout status