Right Discovery Leads to Faster Implementation
Enable one-click secure access to all your application
Multiple passwords are a thing of the past. Access all apps, in a single platform, with a single click.
- Reduce help desk call volumes
- Free your IT help desk for other productive tasks
- Cut password reset costs up to 80%
- Enhance end user productivity
- Increase security with Multi-Factor Authentication
Single Sign-On Features
| Features | Single Sign-On |
|---|---|
| Self-Service Branding | |
| Enterprise Portal Integration | |
| Global inactivity time logout (GITO) | |
| Self-Service Administrative Console | |
| Role-based Access Control | |
| Globally Configure Challenge Questions and Answers | |
| Integrate Multiple Active Directories | |
| Reporting and Analytics | |
| Smart Helpdesk |
FAQs
What is smart password manager?
Smart Password ManagerTM allows end-users to easily reset their Active Directory password using multiple factors, thereby eliminating the need of calling help desk for password reset. Our intuitive solution and state-of-the-art cloud operations make password reset a low risk and high value endeavor. Additionally, it gives back hours every day to IT and security teams.
Do you support multiple active directory?
Yes, we have out-of-the-box support for multiple active directories.
How do I connect with an enterprise active directory?
You can either whitelist our IP addresses or we can setup a site-to-site VPN tunnel between two networks.
NOTE: VPN tunnel shall be at an additional cost of $750 / year.
NOTE: VPN tunnel shall be at an additional cost of $750 / year.
What port shall I be using for password reset?
You should use LDAPS port i.e. 636.
What is AD bind account?
Bind account is an account for Active Directory that has read ability on the attribute to which the user will authenticate.
Do I need a certificate to be deployed on our enterprise domain controllers?
Yes, you do need a certificate as password reset happens over a secure port, requiring a self-signed certificate or a valid certificate.
What is the need to whitelist the IPs mentioned?
To be able to connect with the enterprise Active Directory, we need the IPs to be whitelisted. We can even connect with your AD setting up site-to-site VPN tunnel between the two networks.
What recovery factors do you support for password reset?
Currently, Password Reset Tool supports challenge questions and answers, email, SMS and YubiKey.
Can users configure their own password recovery factors?
Yes, rule-based configuration on the basis of groups is available in active directory. You have the option to make the factors mandatory or optional.
Can users configure their own factors?
Upon first successful login, users will be redirected to security setup page wherein they can configure their factors.
NOTE: This could be made mandatory or optional. If this setting is made mandatory, the users won’t be able to perform any activity before completing their factor configuration.
NOTE: This could be made mandatory or optional. If this setting is made mandatory, the users won’t be able to perform any activity before completing their factor configuration.
Can I administratively define my own enterprise questions?
Yes, you can pre-define your own questions for your users.
Can users create their own password recovery questions, or do they have to select from a globally preset list of questions?
Users can either create their own questions or select from a pool of administratively defined questions which is highly recommended by us.
How many email addresses are supported with email factor?
Administrators can enable two personal email addresses.
How many phone numbers are supported with SMS factor?
Administrators can enable two phone numbers.
For how long time-based one-time passcode (totp) is valid?
TOTP is valid only for 15 minutes.
Is there a cap to the number of minimum and maximum questions to be added in the “sample pool of questions”?
No, there is no cap to the number of minimum and maximum questions to be added in the “sample pool of questions” but we recommend using 10-15 questions.
How many countries are supported with SMS?
We can deliver SMS (text) messages to 200+ countries.
What if a user is unable to use password reset?
Users are allowed to use any of the available factors to help reset their password. In case of a complete lock-out, they can always still call enterprise help desk.
NOTE: We provide an intuitive help desk interface which could be used by enterprise help desk resource to help reset passwords for the end-users without having to connect with Active Directory.
NOTE: We provide an intuitive help desk interface which could be used by enterprise help desk resource to help reset passwords for the end-users without having to connect with Active Directory.
How can I enable smart password manager?
You can submit the request via your Customer Success representative, and they can get the services enabled for you.
NOTE: Our platform is self-serviceable, and all the settings can be configured by you.
NOTE: Our platform is self-serviceable, and all the settings can be configured by you.
What reports are available with smart password manager?
At present, we support the below mentioned reports:
- Success v/s Failures during password reset activity
- List of locked v/s disabled accounts
- SMS Success v/s Failure reports
- Product adoption report
- Username recovery report
Can users be given a notification to update their security profile after every ‘x’ days?
Yes, this is a configurable option.
Where are password policies defined?
Password policies are defined in the Active Directory. Smart Password ManagerTM leverages policies from the AD.
Can I store security questions and answers in the enterprise active directory?
Yes, you can store security questions and answers in the Enterprise Active Directory.
Can we customize the mail/SMS messages received by the end users?
Yes, you can customize mail/SMS messages.
Will I see password policies while resetting the password?
Yes, you will see password policies while resetting the password. These policies will be predefined in your AD.