SafeStone Helps Users Help Themselves to New Passwords

by Alex Woodie

Every time a user forgets a password, it costs the company an average of $21 in lost time to have the user's password reset by an administrator, says SafeStone Technologies, an OS/400 security software vendor from Princeton, New Jersey. Not so any more. SafeStone last week announced DetectIT Self Help, a utility that allows users to reset their own passwords, thereby saving the company time and money.

SafeStone is the latest software vendor to introduce a password reset application. Several others have introduced solutions for the OS/400 platform in the past year and a half. Central to SafeStone's solution is a process of selecting and administering a series of questions that users are asked before they are granted authority to change their password.

The DetectIT Self Help process starts with the challenge questions. In order to gain entry to the area of the application where users can reset their own password, they must provide exact answers to specific questions. The security administrator selects the number of validation questions a user must answer correctly to gain entry to the password reset page, as well as the questions themselves. However, the users provide the answers to these questions, and the administrator is not allowed to view or change the answers.

After the security administrator has defined the number and content of the questions--including configuring how many wrong answers a user may have and still gain entry, the length of answers, and any inappropriate characters he may wish to ban from the answers--it's time for the users to provide DetectIT Self Help with answers to the challenge questions. Users do this by logging on to the OS/400 server by using predefined global log on profiles and individualized user IDs. At this point, each user is asked to answer the challenge questions, after which the user's password is set to a default, which could be his mother's maiden name or some other word. The next time the user signs on to the OS/400 server, he is immediately prompted to change the default password. Changing the password again is a matter of correctly answering the challenge questions.

Each time users change their password, DetectIT Self Help automatically sends a notice to an administrator. The application also tracks failed password resets, for auditing purposes. DetectIT Self Help integrates with SafeStone's multi-platform synchronization and single sign-on utility, called DetectIT Access Control. DetectIT Self Help can be deployed in languages other than English. Pricing was not available at press time. For more information, contact SafeStone at www.safestone.com or 800-558-3544.

Sponsored By CMS MANUFACTURING SYSTEMS

CMS Manufacturing Systems – Function, Value, Reliability CMS Manufacturing Systems offers a comprehensive, Internet-enabled ERP/Supply Chain Management solution, CMS/400 v5.0, for small and medium-sized manufacturing enterprises in tight supply chain relationships, typical of a wide range of industries, from automotive to consumer goods. CMS/400's fully integrated suite of modules is sold as a single comprehensive solution, without tier or user-based pricing. And CMS staff provides all post-sales support, including, implementation, training and ongoing education and support. CMS has installations in over 2,500 plants worldwide. CMS/400's functionality includes integrated EDI/Release Accounting, CRM, Real-Time Shop-Floor Reporting, Production Analysis Tool-Set, Event Monitor, Materials and Logistics Management, APS, Financial Management, MPE, Tooling and Maintenance Integration and is fully Internet enabled with the CMS Easy e-Business Suite. This enhanced e-business capability completes the picture, making CMS the one-stop, single-source, turnkey solution provider for small and midrange enterprises with ERP/Supply Chain Management system needs. And once a new customer has purchased CMS/400, CMS commits its planning, implementation and training resources to helping management and staff fully realize CMS/400's capabilities throughout the enterprise. To learn more about CMS/400, and to register for a no-obligation test-drive, go to sales@cms400.com or www.cms400.com, or call 888-426-7400.