Enable self-service password management
Contact UsSpecops uReset lifts the burden from the IT service desk by enabling end users to address common Active Directory password management tasks including forgotten passwords, locked-out accounts, and password resets and changes. With a flexible MFA engine designed to support all kinds of users, uReset ensures that organization scan enable their users to reset passwords themselves from any location, device, or browser – on or off VPN.
Enrolling with uReset is simple. Guide users to their enrollment using configurable reminders and notifications. To guarantee adoption, use the pre-enrollment options (3rd party ID services like Okta or Duo, AD attributes and more) to register users before roll out. If you are using uReset with any other Specops Authentication products,you can extend user enrollments to secure service desk assisted password resets and encryption key recovery.Additionally, customers using Specops uReset with Specops Breached Password Protection will be able to prevent users from selecting a compromised password during the password reset process.
Feature Highlights
| Features | Specops uReset | Microsoft Entra (Azure AD) Self-Service Password Reset |
|---|---|---|
| Integration with Entra ID (including MFA enrollments) | Yes | Yes |
| OOTB 3rd party identity services e.g. Duo Security, Okta, Symantec VIP, PingID | Yes | No (not for reset) |
| Updates locally cached credentials (remote) | Yes (on or off VPN) | No |
| Compromised password check | Yes, block over 4 billion known compromised passwords (with Breached Password Protection) | No, allows use of leaked passwords based on scoring algorithm |
| Securely share password with new hires | Yes (email/text enrollment link) | No |
| Helpdesk interface | Yes, with Secure Service Desk | No |
| Enrollment notifications | Yes (Email, SMS, balloon tip) | Limited (Email) |
| Dynamic password policy display | Yes | No, users receive vague guidance |
How does it work?
Specops uReset is natively integrated with Active Directory. Configuration of the system is done using Group Policy, without introducing added complexity to your environment. This means that no external database is required to store password related information, with user data is stored directly in Active Directory.
Specops uReset consists of the following components and does not require any additional resources in your environment. The authentication engine, web, and identity services are hosted in the cloud.
What does it look like?
End user experience
Specops uReset uses a dynamic and customizable password policy rules display to guide users with real-time feedback as they are typing in their new password.
This allows users to self-correct before submitting the new password and ultimately reduce calls to the service desk.
Specops uReset customers using Specops Password Policy can also display length-based password aging and compromised password check feedback.
Admin Experience
Specops uReset enhances password security by extending multi-factor authentication to self-service password resets. There are 20+ identity services available to ensure that you can select the best options for your users.
The 20 identity services enable organizations who are balancing security considerations against the reality of MFA options available for their users to still extend MFA to their users, whether they have their own mobile device or not. Administrators can assign each identity service a trust value, based on their perceived level of security. The trust assignment is managed via stars, as shown in the administrator view above.
The variety of MFA options also means organizations concerned with MFA attacks like MFA bombing or MFA fatigue attacks can require multiple types of ID services including ones that are inherently resistant to an MFA push spam attack like OTP apps, hardware tokens, and more.
How customers are using Specops uReset
Case study highlights
Quickly resetting insecure passwords after ransomware attack
When a group of hackers used weak passwords to carry out a ransomware attack on the municipality of Kalix in Sweden, the municipality worked turned to Specops uReset to quickly remove the risk of still-in-use harvested credentials from the ransomware attack.
Eliminating 150 helpdesk calls in the first month
When Montgomery County Community College saw enrollment and adoption issues with their existing password reset solution, they turned to Specops uReset for easy enrollment and improved end user experience.
Reducing need for off-hour IT support with employees traveling across time zones
When one manufacturer saw challenges supporting password reset calls from employees that were on the road in different time zones, they sought out Specops uReset to improve productivity and reduce frustration for their IT department.
Get a Demo of Specops uReset
Interested in seeing how Specops uReset can work in your environment? Click here to set up a demo or trial today.
Our Technology Partners
Our Technology partnerships ensure that organizations can confidently extend the value of their existing investments and systems to optimize password security– whether that’s extending existing multi-factor authentication investments or extending Microsoft Active Directory functionality. Read more about our partners.
