Understanding PortalGuards

Centralized Self-service Password Reset: From the Web and Windows Desktop

Highlighting the Self-service Password Reset Layer of the PortalGuard Platform

By the end of this tutorial you will be able to

Define PortalGuard
Understand the challenges to finding the right self-service tool Discover PortalGuards Centralized Self-service Password Reset See the Step-by-step Authentication Process

Know the Technical Requirements

The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications.
Usability Single Sign-on
Password Management Password Synchronization Self-service Password Reset

Security
Knowledge-based Two-factor Authentication

Contextual Authentication
Real-time Reports/Alerts

Before going into the details

Exact same user interface for both the Web and Windows Desktop Support roaming - challenge questions stored in central server location

Password reset from an iPad or mobile phone

Use two-factor authentication to further verify users identity Support disconnected/offline users - using password recovery

PortalGuard supports any LDAP compliant directory

Encrypted drives are supported

Tiny footprint on the Windows desktop Side-car mode - add self-service functionality to existing login screens
Verbal Authentication to prove callers identity

Supporting users can prove taxing

Shopping for the right tool can be challenging

What are your requirements?

What are your budget and Help Desk costs?

Are the vendors Im looking at offering up-to-date features?

Disconnected/Offline user support Auditing Mobile phone support

Self-service password reset is The process that a user initiates to prove their identity with the end goal of resetting their password. Self-service password recovery is The process that a user initiates to prove their identity with the end goal of obtaining the current password value without changing it.

+ OTP

PortalGuards SSPR
Is flexible and offers a complete solution which has evolved with industry demands.

PortalGuards SSPR
Is flexible and offers a complete solution which has evolved with industry demands.
Password Reset Password Recovery Account Unlock

PortalGuards SSPR
Is flexible and offers a complete solution which has evolved with industry demands.

Disconnected/Offline Password Recovery

PortalGuards SSPR
Is flexible and offers a complete solution which has evolved with industry demands.

OTP

FEATURES

General Features:

Provides password reset, recovery and account unlock Disconnected/Offline user support Forced user enrollment (optional) Integrates with AD, Novell eDirectory or any LDAP-compliant directories and custom SQL user repositories Encrypted hard drive support Supports multiple authentication methods Email notifications of password resets to both admin and/or user Lock-out thresholds Mobile browser support

Challenge Questions & Answers Features:

Centralized challenge information stored on server Configurable number of mandatory/optional questions Allows import/pre-population of challenge answers Prevent repeat answers for multiple challenge questions Prevent answers from containing words from the question text Answers can be case sensitive Configurable minimum length for challenge answers

Administrative Features:
Help Desk Console provide interface for HD staff Verbal Authentication allows HD staff to authenticate a caller Administrator Dashboard

Windows Desktop Support:

Supports Windows versions XP, Vista and Windows 7 Self-service directly from Ctrl+Alt+Del Windows logon screen

 Increased Usability - users are now empowered to self-service their own needs and maintain productivity Increased Security - provides two-factor authentication Centralized Solution - same user interface for both the web and Windows desktop No Kiosks - perform all self-service actions directly from the users machine No Guest Accounts - all actions are performed from the users primary account Reduced Costs alleviate password-related Help Desk calls and demands on IT staff Flexibility - configurable to the user, group or application levels Seamless Integration - use sidecar mode to retrofit existing application login screens

HOW IT WORKS

PortalGuard provides flexibility

Allows you to configure whether the enrollment will be forced or able to be postponed x number of times by the user.

The Enrollment Process

Step 1: The user attempts to login to a companys portal as usual.

The Enrollment Process

Step 2: In this case, the user has not yet enrolled their challenge information so PortalGuard automatically displays the enrollment screen in sidecar mode.

The Enrollment Process

Step 3: The user is prompted to provide answers to the challenge questions.

The Enrollment Process

Step 4: The process is complete and the user is now enrolled.

Step 1:
The user attempts to login to a companys existing portal but has forgotten their password. The user then clicks the Forgot your password? link.

Step 2:
The user selects from the Recovery Actions Available which selfservice action they would like to perform. The user selects the Reset Forgotten Password radio button and clicks Continue.

Step 3:
The user is then prompted to provide their enrolled answers to the enrolled challenge questions. Once the user has supplied the answers they click Continue.

Step 4:
The users identity has been verified and they are able to set a new password.

Configurable through the PortalGuard Configuration Utility:

Self-service options available to users Authentication types available for each selfservice action

Configurable through the PortalGuard Configuration Utility:

Enrollment - optional, required or disabled
Recovery lockout limit Answer complexity Number of optional questions Number of mandatory questions

Configurable through the PortalGuard Configuration Utility:

Mobile Phone: Enrollment - optional, required or disabled Phone number format Delivery format

Configurable through the PortalGuard Configuration Utility:

Email: Enrollment - optional, required or disabled
Domain blacklist Email display Email format including From, Subject and Body fields

Configurable through the PortalGuard Configuration Utility:

Notifications: Type of self-service including account unlock, password reset and recovery

TECHNICAL REQUIREMENTS

A MSI is used to install PortalGuard on IIS 6 or 7.x.

This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only.
IBM WebSphere/WebSphere Portal v5.1 or higher Microsoft IIS 6.0 or higher Microsoft Windows SharePoint Services 3.0 or higher Microsoft Office SharePoint Server 2007 or later

.NET 2.0 framework or later must be installed (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64) Microsoft Windows Server 2000 Microsoft Windows Server 2003 (32 or 64-bit) Microsoft Windows Server 2008 (32 or 64-bit) Microsoft Windows Server 2008 R2

THANK YOU
For more information visit PortalGuard.com or Contact Us