Sponsored by Specops Software
Ask any user to list the things that frustrate them the most about their employer’s IT department, and password policies are sure to be near the top of the list. Password rage is real, and the typical way in which most organizations handle password resets does not do anything to alleviate users’ stress.
So why are passwords such a pain? Most of us have to remember dozens of different passwords for the various systems, applications, and websites that we need to log into. As if this were not enough, it seems that every one of these systems has different requirements with regard to password complexity and the frequency with which those passwords have to be changed.
All of this leads to users having a tough time remembering their passwords and frequently having to reset those passwords as a result. This isn’t just frustrating for end-users, but it can be costly for an organization as well.
Although it is relatively easy for a helpdesk technician to reset a user’s password, there are costs associated with each and every password reset. These costs come in the form of lost productivity for both the end-user and for the helpdesk tech who could be using their time to help someone else. The actual cost of a password reset has been sharply debated over the years and varies considerably based on the organization’s size. It is worth noting, however, that Forrester estimates the cost of a password reset in a large enterprise to be about $70. When you also consider that password resets account for about 40% of all helpdesk calls (with some estimates being as high as 50%), you can see just how quickly these costs add up. In fact, Forrester estimates that large enterprises spend over a million dollars each year on password-related support costs.
While it is easy to focus on the financial costs associated with password resets, it’s equally important not to lose sight of the frustration that end-users feel when forced to reset a forgotten password. Such frustration can lead to employees feeling less satisfied at work, and growing dissatisfaction can lead to other problems down the road.
So what can an organization do to ease the burden of password resets both for end-users and helpdesk technicians alike? One particularly compelling option is to take advantage of the dynamic password feedback feature found in Specops Password Policy.
The dynamic password feedback feature does not eliminate the need for password resets, but it can make the password reset process a lot less painful for the end-user and less costly for the organization.
There are a couple of different ways in which dynamic feedback helps to lessen end-user frustration. First, when a user resets their password, the dynamic feedback feature clearly displays the organization’s password policy. As the user types their new password, the display automatically reflects which password policy elements have and have not yet been met. If, for example, the organization requires passwords to be twelve characters long, then the password reset screen will display a line of text indicating the required password length. As the user types their new password, a green checkmark will appear next to the requirement once it has been satisfied.
This process can help to reduce end-user frustration by taking some of the ambiguity out of the password reset process. Users don’t have to guess how they can create a new password that fully satisfies the organization’s requirements. The requirements are given to them at the time of the reset.
Another way that dynamic feedback can help to lessen end-users’ password frustration is with password aging feedback. The idea behind this is that although NIST and other organizations no longer recommend regularly scheduled password changes, most organizations still require their users to periodically change their passwords. No user likes forced password changes, and it can be difficult for a user to remember their new password. The password aging feedback feature rewards users for choosing passwords that are more secure. The more secure a user’s password, the more time is allowed to elapse before the user is forced to change that password. It’s up to the organization to set these password change thresholds, but a user might be required to change a minimally secure password every thirty days, whereas the user might not be required to change a highly secure password for six months.
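The two behaviours described above, a live rule checklist and an expiry that grows with password strength, can be sketched as follows. This is an added example, not Specops code: only the twelve-character requirement and the thirty-day and six-month (taken as 180 days) thresholds come from the article, while the other rules, the 90-day middle tier, and the use of length as the strength measure are assumptions.

```python
from dataclasses import dataclass
from typing import Callable

MIN_LENGTH = 12  # the article's example requirement


@dataclass(frozen=True)
class Rule:
    label: str
    check: Callable[[str, str], bool]  # (password, username) -> satisfied?


# Only the length rule comes from the article; the other two are assumed.
RULES = [
    Rule(f"At least {MIN_LENGTH} characters", lambda pw, user: len(pw) >= MIN_LENGTH),
    Rule("Contains a digit", lambda pw, user: any(c.isdigit() for c in pw)),
    Rule("Does not contain the username",
         lambda pw, user: not user or user.lower() not in pw.lower()),
]

# Assumed aging tiers keyed on length: (minimum length, max age in days), longest first.
AGING_TIERS = [(20, 180), (16, 90), (MIN_LENGTH, 30)]


def feedback(password, username):
    """Return [(label, satisfied)] for every rule, as the checklist would show it."""
    return [(rule.label, rule.check(password, username)) for rule in RULES]


def max_age_days(password, username):
    """Return the allowed password age in days, or None while any rule is unmet."""
    if not all(ok for _, ok in feedback(password, username)):
        return None
    for min_len, days in AGING_TIERS:
        if len(password) >= min_len:
            return days
    return None


def render(password, username):
    """Build the text a reset screen would redraw after each keystroke."""
    lines = [f"[{'x' if ok else ' '}] {label}" for label, ok in feedback(password, username)]
    age = max_age_days(password, username)
    lines.append("Expires in: " + (f"{age} days" if age else "n/a (policy not met)"))
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed keystroke snapshots; only the length is echoed, never the value.
    for typed in ("river", "river-otter7", "river-otter7-gravel-lamp"):
        print(f"typed {len(typed)} chars\n{render(typed, 'jdoe')}\n")
```

Evaluating the rules on the client only drives the display; the server that accepts the password change has to enforce the same policy independently.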
As previously noted, dynamic feedback can help to reduce help desk calls, thereby also bringing down the organization’s costs. Because password resets are self-service and interactive, users aren’t forced to contact the helpdesk for a password reset. They can complete the process by themselves. This alone helps to reduce costs.
Cost can be further reduced by the simple fact that displaying the password requirements to the user at the time of the password change keeps the user from having to call the helpdesk to find out why none of their attempted passwords are being accepted. Additionally, the password aging feedback feature keeps users from having to change their password quite so often, thereby lessening the chances of them forgetting their password and contacting the helpdesk for a password reset.
All of these features are available in Specops Password Policy, a product that is designed to help organizations more easily maintain their password compliance while also making life easier for end-users.