mPass - Manage Passowrd Solution
Publication Date: 2010-Nov-15
The IP.com Prior Art Database
This article describes the concept and methods of implementation of mPass solution. The major objectives of the mPass solution are: - To provide self enablement methods to end users of various business organizations to reset their passwords and unlock their ids on various sub systems and applications. - To ensure that solution provides mechanisms to ensure that organization’s requirements for security compliance are met. - To demonstrate reduction in efforts made by IT service provider helpdesks for password reset and account unlock requests. - To develop and deploy the solution with cost effectiveness.
Page 01 of 4
mPass - Manage Passowrd Solution
Business needs and environment
IT Service Providers (both internal & external), provides IT Infrastructure and Services to business organizations. These services are used by organization's regular employees, contract employees, vendors and other designated people who work on behalf of the organization, referred in this document as users.
For authenticating users in the IT environment (including infrastructure and applications), users are provided with user ids and passwords for various services they use. These user ids are subjected to be locked, based on various security and configuration settings. Also the passwords for these user ids are subjected to regular change and to enforce a required complexity.
In event when the user ids get locked, or user forgets the associated passwords, they use either automated or manual methods to get the user ids unlocked and passwords reset.
IT Service Providers provides centralized or distributed helpdesk at these accounts. Users contact these helpdesk through phone, email or web to report their IT issues and requests. Analysis of issues reported at various service provider helpdesk, shows that password resets and account unlocks of various services and applications, contribute about, 40% to 80% of total service requests reported.
Currently the password reset and id unlock requests are handled by the IT service provider's helpdesk. Usually the average resolution time for such issues range from 5 minutes to 10 minutes.
Although many applications and services in the account provide features such as "Forgot Password" links, users still call up helpdesk, as they forget the answers to the challenge questions.
Also many business organizations have domain based (Active Directory) setup, where user needs to log on to their corporate domain, before they can access any other service or application. In event, when user forgets the password for their AD account, or if, the AD account is locked, users are not able to reach the application "Forget Password" link.
Target Solution Design
The target solution will be deployed at either:
1. Only business organization's IT infrastructure.
2. Mix of service provider's and business organization's IT infrastructure.
The target solution for any business organization or group of them, will include modules from following groups:
1. Input Modules:
a. SMS based input system
b. Web based input system
Page 02 of 4
c. Pre-login screen desktop input system
Voice based input system
e. Email based input system
2. Authentication Modules:
a. HR Information based authentication
b. LDAP Information