Studies show that 30% of Helpdesk queries are related to password

reset management as users tend to forget their passwords often.

This consumes a substantial amount of Helpdesk time working on

most critical password tickets.

To remedy this situation, DoIT needed to reduce this time by ren-

dering a secure, reliable and robust web-based self-service solution

to the end user. The solution thus helps end users to change their

password if they use a PC or a laptop that is not domain-joined and

even reset their password if the password is forgotten.

Allowing end users to reset their password carries a certain amount

of risk, as it increases the possibility of an attack from a malicious

user. To ensure that only the intended users are allowed access to

the self-service password reset/change, users need to prove their

identity.

To do this, we added a layer of security that consists of a verification

code. During a password reset event, the end user is asked to provide

a mobile number or an external email address (live, Gmail, Yahoo

mail etc..) to receive the verification code.

Active Directory self-service portal

1 |

October 2017

DoIT Newsletter