Product homepage and free trial offer: click here
When users forget their passwords or lock themselves out of their accounts, fixing the problem can be both inconvenient and costly. Estimates of how much revenue is lost to password resets vary widely, but Gartner Group estimates that password resets account for 20 to 50 percent of all help desk calls. Similarly, Forrester Research estimates that a single password reset costs about $70 in labor.
The actual cost of a password reset varies from company to company, based on a number of different factors. Regardless of what the actual cost is, however, the bottom line is that there are very real costs associated with every password reset.
Specops Software helps companies reign in these costs with a product called uReset. uReset is designed to work with Specops Authentication, a hosted multifactor authentication platform, and gives users a self-service portal through which they can reset their password or even unlock their account.
Using Specops uReset requires a customer account to be created within the Specops cloud. Because I had previously reviewed another Specops product, I already had an account. As you would probably expect, I had no trouble using my existing Specops account to write this review. Having said that though, it is worth noting that uReset is designed to work in conjunction with Specops Authentication. As such, using my existing account was more than just a convenience, it was a necessity. uReset cannot function without Specops Authentication as it is one of three services that are integrated into the MFA platform.
In case you are wondering, creating the required Specops account is relatively easy and mostly just involves providing information such as the organization’s name and domain name, as well as the primary contact person’s name and email address. This process also requires you to enter a mobile phone number. Upon doing so, Specops sends a numeric code to your phone via text message. This code is then used to complete the account creation process.
Once you have created a customer account, it’s time to begin configuring uReset. Not only is this process completely intuitive, you really don’t have to do much (assuming that you are utilizing one of the other services that utilize Specops Authentication).
One of the nice things about uReset (and Specops Authentication too for that matter) is that it does not force you to abandon your existing group policy settings. When you configure uReset, you can choose between cloud mode, group policy mode, or a combination of both. Cloud mode assigns all users the same rules for resetting passwords, while group policy mode allows different rules to be applied to different users, depending on which group policy applies to them. The combined mode tries to process group policy first but resorts to using cloud policy if no group policy settings are found. You can see what the configuration process looks like in the first screenshot. For this review, I decided to use cloud mode.
The next step in the configuration process is to choose the identity services that you want to leverage. This process is integral to Specops Authentication. If you have not seen it before, then the process probably needs a bit of explaining.
When a user enrolls into Specops Authentication, they do so by using multiple identity services. For example, a user might provide their Facebook account or their Twitter account credentials during the enrollment process.
Each identity provider is assigned a star rating. For a user to be enrolled, the user must be authenticated using a sufficient number of identity providers to meet the administrator configurable enrollment star requirement.
Similarly, when a user is authenticated into the system, they must authenticate through a sufficient number of identity providers to meet the administrator configurable authentication star requirement. You might have noticed in the screenshot above that more stars are required for enrollment than for authentication. The reason for this is that a user can pick and choose which identity services to use during the authentication process. If for example, a user has lost their cell phone, they can still authenticate without it, simply by selecting other identity services that were registered during the user’s enrollment.
As you look back at the first screenshot shown in this review, you will notice that the uReset interface contains a Notifications tab and a Settings tab. The Notifications tab allows password reset notifications to be generated. The Settings tab, which is shown below, is used to enable or disable the Change Password feature.
Although I usually focus my product reviews on the administrative side of things, uReset is a user-facing tool, so I wanted to take a moment and show you what the end-user experience looks like.
As previously noted, uReset is designed to work in conjunction with Specops Authentication. When an end-user visits the authentification page, they are shown a screen asking if they need a new password, need to recover their key, or need to be enrolled in Specops Authentication. You can see what this screen looks like in the screenshot below. As an alternative, users can access the password reset capabilities independently of the browser by going directly through the Specops Authentication Client, which is accessible from the Windows Start menu.
To take advantage of uReset, the user would click on the New Password button. At this point, the user is taken to a screen presenting several different options. If the user knows their current password and just needs to change it, the user would click the I Know My Password button. Similarly, if the user has forgotten their password, then they would simply click on the I Forgot my Password button.
Although self-service password reset capabilities have existed in various products for a number of years, the user interface element that really drew my attention was the My Account is Locked Out button. Typically, once a user has been locked out of their account, they have little choice but to contact the help desk. With uReset however, a user who has been locked out of their account can click on the My Account is Locked Out button, and be taken to a screen that can help them to regain access to their account.
It has become customary to conclude my product reviews by giving the product a star rating, ranging from zero to five stars, with five stars being the highest possible score. Based on my evaluation, I chose to give Specops uReset a score of 4.8 stars, which is a Gold Star award.
The main thing that made me decide on this particular score was that I liked that the product was so simple. It does exactly what it is supposed to do, without any needless complexity standing in the way of efficiency.
From the standpoint of the end-user, there is no ambiguity involved in the process of regaining access to their account. The user simply clicks on the appropriate buttons, proves their identity, and is back online in a matter of a couple of minutes.
From an administrative standpoint, uReset integrates seamlessly with Specops Authentication. Assuming that the administrator has already configured Specops Authentication, there is almost nothing additional that the administrator has to do to make uReset work.
In this second article in our series, we will work on the Ansible Automation Engine…
Microsoft Build 2020 included several announcements aimed at developers and the IT community. Here are…
Using Azure Active Directory Identity Protection will boost your security. This step-by-step guide shows you…
COVID-19 is not going away anytime soon, and as Microsoft researchers have discovered, neither are…