How to Avoid the Forgotten Password Blues

One of the simplest things a computer user needs to do each day can also be the most frustrating. Type your password wrong one too many times and you are locked out of your account. Most firms require strong, unique passwords because they are an excellent first line of defense against cyber criminals. They also realize that limiting password attempts is effective at thwarting brute force attacks. The problem for us mortals is that we can only remember so many passwords and the more complex they must be, the more difficult the task.

This month we are sharing some ideas to help your team login fast and spend less time waiting for someone to unlock their account.

Password Managers

A password manager will dramatically improve your online security and convenience by generating and securely storing a unique, complex password for every single account you own. By preventing users from reusing passwords, password managers ensure that if one service suffers a data breach, all your other accounts remain safe.

The good news: You only have to remember one password – for the Password Manager.

By consolidating all your logins behind one strong Master Password, it removes the need to remember dozens of credentials. With the help of cross-platform apps and browser extensions, the password manager will autofill your passwords. And when it is time to change passwords, the system will generate a new password and store it for you. Because you never have to remember, type, or even see these passwords, you can make them as strong as you like.

Self-Service Password Reset (SSPR)

Many B2C firms have embraced SSPR to improve user experience because they deal with a large number of infrequent users, who access their systems at all hours of the day and night. This user community is highly likely to forget or mistype passwords because they don’t login often. Organizations can take advantage of this same technology to assist users trying to connect to the company domain or email system, so they don’t need to call a help desk. SSPR works 7x24x365, so your team doesn’t have to!

1. Microsoft Entra ID (formerly Azure AD) Self-Service Password Reset (SSPR). This is the native SSPR feature for organizations using Microsoft 365, Azure, and Windows with Active Directory. It lets users reset their password from the Windows sign-in screen, a web portal, or a mobile app. Users verify their identity via mobile phone, a secondary email, or an authenticator application and then can create a new password. Entra ID works seamlessly for cloud and on-prem systems when Microsoft Entra Connect is used.
2. Third party tools include:
   •  ManageEngine ADSelfService Plus: A comprehensive solution for Active Directory that offers a web-based portal, multi-factor authentication (MFA) options, and strong integration with Windows/AD.
   • Specops uReset: Focuses heavily on security and offers self-service password reset for both Active Directory and Entra ID (Azure AD), including the ability to update local cached credentials for remote users.
   • SysAid Self-Service Password Reset: Integrates into a broader IT Service Management (ITSM) platform, allowing users to reset their domain password from the Windows login screen, a portal, or a mobile device.
   • Avatier Password Management: Provides self-service password reset and account unlock across various platforms, often supporting biometrics and other advanced verification methods.

User Training

Here are some simple reminders that can help reduce the number of support tickets you receive each month.

• Clear Cached Credentials in your mobile phone after a password change. If this isn’t done, an app that repeatedly tries to login can lock out your account.
• Update new passwords in any desktop sync applications (like OneDrive or Dropbox).
• Always check the “Remember Me” box to save credentials on computers you use daily. This prevents users from entering the incorrect username or domain.
• When you make a mistake on the first try:
  • Check the Caps Lock key.
  • Type your password again slowly and deliberately.
  • Use the “Show Password” option so you can see what you are entering.

We’re here to help businesses in Rhode Island and Southeastern Massachusetts run smoothly and securely. By adopting these simple habits and leveraging the right tools, you can spend less time locked out and more time focused on what truly matters: growing your business!