Confidence in Every Log In, 24/7

Specops Self-Service Password Reset (SSPR)

Reduce Helpdesk Costs With Secure Self-Service Password Resets

Attackers target self-service resets with automated push bombing and AI-generated phishing: uReset is built so neither gets through. uReset lets users securely reset their Active Directory or Entra ID passwords (and, when using Active Directory, update local cached credentials) from any location, device, or browser, whether on or off VPN. Integrates with SIEM, SOC, & Analytics platform for full security event visibility

uReset example GIF

Cut reset costs & restore access quickly 

Slash Helpdesk Costs

Reduce per-reset helpdesk costs and reallocate agents to higher-value work. 

Keep Remote Teams Productive  

Restore access fast, reducing downtime for hybrid & remote workers. 

Secure, Frictionless Onboarding  

Speed up new-hire productivity while maintaining control & security. 
Book a Demo

Better Password Resets for End Users and IT Teams 

Gartner found 40% of all help desk calls to the service desk are related to passwords – and Forrester estimate each reset costs $70. Why not ditch the hassle without impacting end user experience? Specops uReset lets your end users easily and securely reset their own passwords. You can also reduce the time and cost burden on service desks and IT teams by taking away the headache of managing endless password recoveries and resets.

uReset End user Options screenshot

Ideal for Hybrid and Remote Teams

  • Remote users can change expired or forgotten passwords from any location, device, or browser. Perfect for any end user who needs authenticating, not just office workers at workstations
  • When using Active Directory, prevents hard to troubleshoot service desk calls by updating the local cached credentials, even when a Domain Controller cannot be reached and the user is off VPN
  • Fewer password reset calls means more IT team time for other tasks and lower service desk costs

Flexible MFA Options

  • AI-generated phishing emails impersonate IT and HR teams: uReset’s secure enrolment flow means users only set their password through verified, secure factors
  • Allows users to verify their identity via third-party identity providers including: Duo Security, Google Authenticator, Microsoft Authenticator, Okta, PingID, Symantec VIP, and Yubikey
  • Multiple authentication options guarantee users will complete the password-reset task, even if an identity provider is unavailable
  • IT teams can enforce user ID verification by blocking service desk staff from resetting passwords, and other sensitive actions, until they complete the end-user ID verification step
uReset Admin Screen

Simple Auto-Enrollment and Enforcement

  • Admins can automatically enroll users to the password reset system via any identity provider that has identifier information in Active Directory
  • Alternatively, admins can guide users to the enrollment process via notifications, including emails, balloon tip pop-ups, or a full-screen browser when the user logs in to Windows
  • uReset also offers various reports to help you keep track of your enrollment progress
  • Integrates with SIEM, SOC, & Analytics platform for full security event visibility.
FDP Asset

Secure New Hire Passwords

  • With the First Day Password addon, IT staff never have to share a first day password with a new hire ever again
  • New hires are particularly vulnerable to AI-powered phishing: uReset’s secure enrolment flow means users only set their password through verified, secure factors
  • New employees verify who they are via government-issued ID such as a driving license, ID card, or passport (they can also use mobile code or personal email ahead of setting their first password)
  • IT staff can automatically share a link to set their first password via text or email or direct employees to click “reset password” at the logon screen
Specops Verified ID Liveness Scan

Specops Verified ID: Phishing-Resistant Verification

As AI-generated deepfakes make it increasingly easy for attackers to fabricate convincing identity documents and bypass voice or face-based checks, Specops Verified ID provides a verification layer that synthetic media cannot fool: government-issued document scanning combined with AI-driven biometric liveness detection.

  • Government-Issued ID Verification: Validates users using trusted identity documents such as passports, driver’s licenses, and national ID cards, leveraging AI and machine learning algorithms. These documents include standardized security features designed to prevent forgery. All AI and machine learning algorithms are pre-trained and operate without using or retaining customer data for training purposes.
  • Biometric Liveness Detection: AI-driven real-time biometric analysis confirms the person presenting the document is physically present, preventing spoofing attempts using photos, videos, or masks.
  • Validated Against Active Directory: Key attributes from the scanned document are matched against the user’s directory record before the reset is permitted, removing reliance on knowledge-based answers that attackers can source from data breaches
  • Simple to Add to Your uReset Workflow: Specops Verified ID is available through the Specops:ID mobile app (free for iOS & Android) and is added to uReset via simple configuration, with no separate infrastructure or enrolment process required.
  • Global Document Support: Support for 16,000+ government-issued identity documents across 254 countries and territories.
Learn More
compliances and certifications

Compliance Readiness 

Simplify your compliance and audit efforts. Specops uReset is designed to align with these common regulatory and industry requirements:

Customer Reviews From Gartner Peer Insights & More

See what satisfied customers on Gartner Peer Insights had to say after buying and deploying Specops

Visit Gartner
Read Full Review
Amazing lightweight tool which can be installed and used within minutes, provides key security information on what your users are doing with there password decisions and also there inactivity. Creates actionable spreadsheets and pdf's so you can target the users who are using breached passwords.
Ryan C
Infrastructure Engineer, Capterra
Read Full Review
Our company needed a way to protect our staff and IT staff from vishing impersonation calls as well as harden our password policy compliance so we could get our ISO 2700 certification. Specops provided all the tools we need all in one package."
Cybersecurity specialist
IT Security and Risk Management
Read Full Review
Specops Password Auditor provides a quick an easy method to get a view of how your organization is complying with company password policy. The drill downs allow me to view the information that is most important.
Paul M
Sr. Infrastructure Analyst, Capterra
Overall
Ease of Use
Customer Service

Customer Reviews From Capterra

Visit Capterra

Features

We’ve designed uReset with both end users and IT teams in mind. Users are satisfied as they can solve password resets on their own – while IT admins can rest assured the process is secure. Overview of relative strengths of password policies including change interval and dictionary enforcement

Accessible from any web browser, the Windows logon screen, and the mobile app

Security Event API integration for SIEM, SOC, & Analytics platforms

User interface available in multiple languages including English, French, German, and many more

When using Active Directory, updates the local cached credentials for remote users, even when off VPN

20+ identity service providers including Duo, Manager verification, Microsoft Authenticator, Mobile Code, Okta, Ping, Yubikey, Passkeys, Entra ID and more

Helpdesk interface for verifying users, unlocking user accounts, and setting temporary passwords

Customizable user interface where admins can change the text, logo, and colors

User enrollment enforcement with un-closable full-screen browser

MFA-fatigue attack resistant factor options like Trusted Network Location, Microsoft Authenticator, Google Authenticator, and more

Auto-enrollment options with mobile code, Duo, Okta, Ping, Yubikey, and more

Block/allow self-service password resets by geographical location (country), or specific IP addresses

Enrollment notifications via system tray and email

Combine with Specops Password Policy to block the use of over 5 billion compromised passwords in real-time at password reset/change

Statistics and audit reporting to view usage and track system events

Verify new hires via mobile code or personal email before they set a first password

Book a Demo

Frequently Asked Questions

SSPR lets end users reset or change their own Active Directory or Entra ID passwords—whether they’re in the office, remote, on or off VPN—via a web browser, Windows logon screen, or mobile app. When using Active Directory, Specops uReset verifies user identity with multi-factor authentication and then updates both AD and local cached credentials in one seamless flow.

Reduced helpdesk load: 40 % of service-desk calls are password-related, and each reset can cost ~$70. Automating resets frees IT to focus on higher-value work.

Improved end-user experience: Users solve their own password issues quickly and securely, from any device or location.

Cost savings: Organizations typically save tens of thousands annually in reduced call-volume costs.

Specops uReset integrates with Specops Secure Access, as well as with over 20 identity providers, including Duo Security, Google/Microsoft Authenticator, Okta, PingID, Symantec VIP, YubiKey, mobile code, Passkeys, Entra ID, and more. You can require one or multiple factors to ensure secure identity verification.

Auto-enrollment: Pulls identifier data from AD to automatically enroll users.

Guided enrollment: Prompts users via email, balloon pop-ups, or a full-screen browser on Windows logon.

Enforcement: You can lock down access until users complete enrollment, ensuring full coverage.

Yes—uReset lets you block or allow resets based on country or specific IP address ranges, adding an extra layer of location-based security.

Absolutely. It leverages your current directory for authentication, policy enforcement, and reporting—no directory migration required.

Beyond MFA and geo-blocking, uReset includes MFA-fatigue–resistant factors (trusted network location, passkeys), optional integration with Specops Password Policy to block compromised passwords in real time, and full audit trails to detect abnormal reset patterns.

A secure onboarding feature that lets new hires verify their identity (via mobile code or personal email) before setting their first AD password—eliminating shared “welcome” passwords and enhancing new-employee security.

Yes, the latest Specops Client has built-in Imprivata compatibility, giving your users a seamless password reset experience on Windows devices.

Want to Know More?

Explore additional resources.

screen with lock on it

Datasheet

Comprehensive overview of Specops uRest for Cloud
Learn More

Weak Password Report 2026

Analysis over six billion malware-stolen credentials collected during 2025
Learn More

Comparison: Microsoft Entra (Azure AD) Self-Service Password Reset

Compare Microsoft Entra Self-Service Password Reset and Specops uReset
Learn More

Want a Live Demo? Let’s Talk!

Password resets are a small annoyance that add up to lots of wasted time and resources. Find out how uReset can fit into your organization to reduce helpdesk calls and improve end user experience.

Need More Info?

Stay in the Loop with Specops

Check our latest research, blogs, and best practices to level-up your cybersecurity program.

View All Posts

This website uses cookies to ensure you get the best experience on our website. Learn more

Got It!