Supporting an entire user base can be taxing for IT departments of all sizes, especially on the administrative side of things. Most studies show that the cost of password resets can range from $25 to $75 per incident and account for around 30 percent or more of Help Desk calls. This provides ample reason and demand for password reset and recovery tools which empower the end-user with self-service.
Unfortunately, shopping for a self-service tool isn't always easy. To simplify matters, the first step is to understand the scope of your requirements by documenting your user access scenarios. For example, how will roaming users change their passwords remotely, or how will a forgotten password be recovered on a laptop with an encrypted hard drive? Along with these requirements, determining your budget and current Help Desk costs without a solution in place will allow you to forecast your Return on Investment (ROI) and further narrow down the vendor selection.
Another point to consider is the evolution of self-service password reset and whether or not the vendors that you are evaluating are keeping pace. You'll find that, on their own, many tools are not fully compliant with the security standards of most companies.
The problem of forgotten passwords has been around since passwords were first used, but expanding access scenarios and advanced attacks are requiring the adoption of more advanced solutions.
For example: Simply providing basic password reset is no longer enough in the current digital climate. An entry point solution is now expected finish adding to provide options for additional scenarios, such as:
- Offline or disconnected users who need to reset or recover a password.
- Advanced auditing and reporting functionality Ability to leverage personal devices (such as mobile phones).