
Self-Service Password Reset

by Martha Kendall Custard
Self-service password reset (SSPR) allows users to reset their passwords safely without help from admins. Learn the benefits, how it works, and best practices.

What is self-service password reset?

Self-service password reset (SSPR) is the functionality that allows users to reset their passwords without requiring assistance from an administrator, tech support, or help desk. The process works by providing prompts users follow to unlock their accounts and change their passwords. 

Organizations often use self-service password reset software to reset forgotten or lost passwords without the help of their IT admins so that employees, customers, and other individuals can reset this information at any hour of the day.

Benefits of self-service password reset

Self-service password reset is a way for companies to prevent lost productivity while maintaining proper security measures. Here are some of the main benefits companies can expect after implementing SSPR:

  • Saves time: Users can regain access to their accounts safely without reaching out to an administrator. Doing this reduces periods when work cannot be completed due to lost access, allowing the administrator to spend time on more impactful tasks. 
  • Notifications: Notification settings can be configured within the SSPR program to notify both the users and the identity administrators when login information is updated. 
  • Enhanced security: Users can regain access to their accounts without assistance while maintaining security through careful authentication processes, often two-factor authentication. 
  • Financial implications: The productivity loss that results from password reset situations without SSPR can result in a loss of profit, both for the company and the employee. 
  • Password synchronization: SSPR software can provide password synchronization so that one changed password automatically propagates in associated user directories. This saves time and helps employees manage this information more efficiently.

Basic elements of self-service password reset

SSPR works by providing users with pre-registered authentication methods to regain account access. The following factors are typically considered during the SSPR process:

  • Localization: How the page will be localized, which determines what language is displayed to users
  • Account validity: Whether or not the user account is valid within the program
  • User source: What organization the user belongs to
  • Password management: Where the user’s password is stored or managed
  • Licensing: Whether or not the user is licensed to use the software

Self-service password reset authentication methods

Administrators can configure the number of authentication methods required to regain account access. In most cases, users will need to provide one or two of the following authentication methods:

  • Mobile app notification: Often a notification that prompts the user to click “Yes” or “No” in reply to whether or not they tried logging into an account. 
  • Mobile app code: A mobile app provides a code via push notification that employees can use to regain account access. 
  • Email: An email can be sent to the user’s email address with a link to regain access. 
  • Mobile phone: Either a call or text is made to the user’s dedicated mobile phone number. The user will receive a code or link via text or be prompted to click specific keys to authenticate. 
  • Office phone: This option often requires the company to pay a subscription fee. Authentication calls will be made to the employee’s dedicated office phone number. 
  • Security questions: The user will be prompted to answer predetermined security questions to regain account access. A common security question is, “What is your mother’s maiden name?” Users should choose questions with clear answers that they will never forget. 

Self-service password reset best practices

SSPR best practices are all about keeping company accounts and information secure. Here are some best practices to ensure all information is protected:

  • CAPTCHA (completely automated public Turing test to tell computers and humans apart): CAPTCHA support can be enabled as an additional authentication method. This method is a security measure known as challenge-response authentication. Users complete a challenge to prove they are not computers. 
  • Configure HTTPS and LDAPS: HTTPS combines the Hypertext Transfer Protocol (HTTP) with the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol. It’s an authentication and security protocol often used by browsers and web servers. It protects the integrity and confidentiality of data between the user’s computer and the server itself. LDAPS allows for the encryption of user credentials in transit during any communication with the server. Together, these configurations can provide end-to-end data security. 
  • Encryption protocol: A strong encryption protocol should be in place for stored responses, which should be kept in a hashed format. 
  • Source network addresses: SSPR should be configured to note source network addresses so that the company can maintain complete audit records.
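
The practices above on hashed stored responses and source network addresses, together with the administrator-configured number of required authentication methods, can be sketched as follows. This is an added example, not code from any SSPR product; the function names, the two-method policy, the PBKDF2 work factor, and the sample user and address are assumptions.

```python
import hashlib, hmac, os, unicodedata
from datetime import datetime, timezone

REQUIRED_METHODS = 2     # assumed policy: number of methods an admin requires
PBKDF2_ROUNDS = 600_000  # assumed work factor
AUDIT_LOG = []           # stand-in for an append-only audit store

def _normalize(answer):
    # Ignore case and surrounding whitespace so " Smith " matches "smith".
    return unicodedata.normalize("NFKC", answer).strip().casefold().encode()

def hash_answer(answer, salt=None):
    """Return (salt, digest). Only these are stored, never the answer itself."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", _normalize(answer), salt, PBKDF2_ROUNDS)
    return salt, digest

def verify_answer(answer, salt, stored_digest):
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(hash_answer(answer, salt)[1], stored_digest)

def authorize_reset(user, passed_methods, source_ip):
    """Allow a reset only if enough distinct registered methods passed.
    Every attempt, allowed or denied, is audited with its source address."""
    distinct = set(passed_methods) & set(user["registered"])
    allowed = len(distinct) >= REQUIRED_METHODS
    AUDIT_LOG.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "user": user["name"],
        "source_ip": source_ip,
        "methods": sorted(distinct),
        "result": "allowed" if allowed else "denied",
    })
    return allowed

if __name__ == "__main__":
    # Constructed sample user and documentation-range address (203.0.113.0/24).
    salt, digest = hash_answer("Example answer")
    alice = {"name": "alice", "registered": {"email", "mobile_app_code"}}
    print(verify_answer(" example ANSWER ", salt, digest))
    print(authorize_reset(alice, ["email"], "203.0.113.7"))
    print(authorize_reset(alice, ["email", "mobile_app_code"], "203.0.113.7"))
    print(AUDIT_LOG)
```

Denied attempts are logged as well as allowed ones, so repeated failures from one source address are visible in the audit record.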

Martha Kendall Custard

Martha Kendall Custard is a former freelance writer for G2. She creates specialized, industry specific content for SaaS and software companies. When she isn't freelance writing for various organizations, she is working on her middle grade WIP or playing with her two kitties, Verbena and Baby Cat.

Self-Service Password Reset Software

This list shows the top software that mention self-service password reset most on G2.

PortalGuard is a seamless solution that provides businesses with the assurance of secure access to sensitive data, including SSO to critical web applications providing users with confidence and secure, hassle-free navigation. Packaged within the PortalGuard product is the ability to seamlessly integrate key authentication options and password management capabilities into a new or existing login portal, without disturbing the theme or overall look and feel of the web portal.

Entra ID is a comprehensive identity and access management cloud solution that provides a robust set of capabilities to manage users and groups and help secure access to applications including Microsoft online services like Office 365 and a world of non-Microsoft SaaS applications.

The JumpCloud Directory Platform reimagines the directory as a complete platform for identity, access, and device management.

SysAid is an all-in-one IT service management tool that integrates all the essentials directly into ONE service desk and asset management platform.

HelloID is a modern and secure cloud-based Identity & Access Management (IAM) solution. With one powerful cloud solution, you have an answer to the increasingly complex Identity Management issues within your organization.