Browse Prior Art Database

mPass - Manage Passowrd Solution

IP.com Disclosure Number: IPCOM000201538D
Publication Date: 2010-Nov-15
Document File: 4 page(s) / 116K

Publishing Venue

The IP.com Prior Art Database

Abstract

This article describes the concept and methods of implementation of mPass solution. The major objectives of the mPass solution are:

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 4

mPass - Manage Passowrd Solution

Business needs and environment

IT Service Providers (both internal & external), provides IT Infrastructure and Services to business organizations. These services are used by organization's regular employees, contract employees, vendors and other designated people who work on behalf of the organization, referred in this document as users.

For authenticating users in the IT environment (including infrastructure and applications), users are provided with user ids and passwords for various services they use. These user ids are subjected to be locked, based on various security and configuration settings. Also the passwords for these user ids are subjected to regular change and to enforce a required complexity.

In event when the user ids get locked, or user forgets the associated passwords, they use either automated or manual methods to get the user ids unlocked and passwords reset.

IT Service Providers provides centralized or distributed helpdesk at these accounts. Users contact these helpdesk through phone, email or web to report their IT issues and requests. Analysis of issues reported at various service provider helpdesk, shows that password resets and account unlocks of various services and applications, contribute about, 40% to 80% of total service requests reported.

Solution background

Currently the password reset and id unlock requests are handled by the IT service provider's helpdesk. Usually the average resolution time for such issues range from 5 minutes to 10 minutes.

Although many applications and services in the account provide features such as "Forgot Password" links, users still call up helpdesk, as they forget the answers to the challenge questions.

Also many business organizations have domain based (Active Directory) setup, where user needs to log on to their corporate domain, before they can access any other service or application. In event, when user forgets the password for their AD account, or if, the AD account is locked, users are not able to reach the application "Forget Password" link.

Target Solution Design

The target solution will be deployed at either:

1. Only business organization's IT infrastructure.
2. Mix of service provider's and business organization's IT infrastructure.

The target solution for any business organization or group of them, will include modules from following groups:

1. Input Modules:
a. SMS based input system
b. Web based input system

1


Page 02 of 4

c. Pre-login screen desktop input system
d. IVR

/

Voice based input system
e. Email based input system

2. Authentication Modules:
a. HR Information based authentication
b. LDAP Information
c. I...