Subject | This guide describes how to configure and administer the features offered by Self Service Password Request (SSPR). | ||||||
Audience | This guide is intended for Authentication Manager administrators. | ||||||
Required Software | EAM 9.0 evolution 2 and later versions. For more information about the versions of the required operating systems and software solutions quoted in this guide, please refer to One Identity EAM Release Notes. | ||||||
Typographical Conventions |
Bold Indicates:
| ||||||
Italics - Indicates references to other guides. | |||||||
Code - Indicates portions of program codes, command lines or messages displayed in command windows. | |||||||
CAPITALIZATI ON Indicates specific objects within the application (in addition to standard capitalization rules). | |||||||
< > Identifies parameters to be supplied by the user. | |||||||
Legend
| |||||||
Documentation support | The information contained in this document is subject to change without notice. As our products are continuously enhanced, certain pieces of information in this guide can be incorrect. Send us your comments or suggestions regarding the documentation on the One Identity support website. |
The One Identity Self Service Password Request (SSPR) feature reduces usage costs by allowing users to reset their primary password or PIN by themselves. When this feature is enabled, users can:
One Identity SSPR offers the following benefits:
The following figure illustrates the password/PIN reset mechanism when Authentication Manager is installed on the workstation. In this mode, mobile users can reset their access even if they are not connected.
Phase |
Description |
|
Configuration phase The administrator configures security profiles to enable the password/PIN reset from Authentication Manager. |
|
Initialization phase The first time the user opens his Windows session, Authentication Manager prompts him to record answers and questions according to the configuration set by the administrator. |
|
Password/PIN reset phase To reset his password or PIN, the user answers to the series of personal questions asked by Authentication Manager. The administrator can make the help desk verify the identity of users when they reset their passwords. For PIN reset, this is mandatory. |
One Identity SSPR allows you to use the OTP mechanism as an emergency access solution. In this mode, the password authentication method must be enabled. When a user forgets his password or PIN and he is connected to the network, he can still open his Windows session by receiving and entering an OTP. He can then reset his forgotten password or PIN and access applications for which an authentication is needed.
Phase |
Description |
|
Configuration phase The administrator configures security profiles to enable OTP emergency access. |
|
Password/PIN reset phase The user requests an OTP sent to his email address and/or mobile device. To reset his password or PIN, the user enters the OTP and enters a new password/PIN. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy