Forgotten Password Problem Solved, Kisco Says
January 14, 2014 Alex Woodie
Help desk personnel will be free to pursue more fulfilling activities as a result of Kisco Information Systems‘ latest software, iResetMe. Unveiled last week, the new product allows IBM i users to reset their own passwords from a secure Web connection, thereby alleviating help desks from the burden of resetting forgotten user passwords.
Password resets are the single most common activity at IT help desks in the Western World. According to Gartner, 20 to 50 percent of calls to the help desk are for password resets, and each reset cost from $14 to $28. Those figures are from 2003, but considering the larger number of passwords people are required to remember today and the overall lack of adoption of single sign-on (SSO) solutions, those figures have probably gone up.
Kisco’s new iResetMe enables users to reset their own forgotten passwords in a secure manner. To reset a forgotten or expired password, users simply click on a hyperlink to open an encrypted Web session with the iResetMe product. After correctly answering one or more challenge questions, which they set during the enrollment period, they are free to select their new passwords.
The whole system runs directly on the IBM i server, via the integrated Apache Web server, and is fully logged for auditing purposes, Kisco says. The company ships a preconfigured Apache server instance with the product, and provides detailed instructions on other configuration steps that are necessary.
Administrators can control which users are allowed to reset their own passwords. For example, it may not be advisable to allow user profiles with powerful authorities, such as ALLOBJ authority, to use the iResetMe service, just because those user profiles are more likely to be abused or to be the target of a malicious attack. By default, iResetMe does not work with any user profile that begins with Q, including QSECOFR.
The product will automatically shut a user profile out of iResetMe after a certain number of failed attempts to answer the security questions. At that point, the only way to reset the password would be to do a manual reset the old fashion way: by calling up the IT help desk and letting them do their thing.
The first version iResetMe only works with 10-character passwords, which corresponds to system password levels 0 (zero) and 1 (one), which is how most current IBM i systems are implemented, Kisco says, adding that it plans to support password levels 2 and 3 in a future release.
There’s no doubt that passwords are a blight on the minds of overworked users. However, they remain a critical component of the security infrastructures at many corporations. Minimizing the pain of dealing with forgotten passwords would seem to be a no brainer. The only question is: How will IT help desk personnel use their reclaimed time?
iResetMe is available now. The software runs on i5/OS V5R4 through IBM i version 7.1. Pricing starts at $495 for a single partition with a 25-user license, and runs up to $1,295 for a single partition with an unlimited number of users. For more information see www.kisco.com.