The password reset just might be the most notorious high-volume, repetitive IT ticket ever.
Who actually remembers passwords, anyway? Considering just about everything done online requires some sort of login with a unique username and password, remembering all those individual combinations of letters, numbers, and special characters isn’t easy!
And so employees turn to IT for what can be nonstop help. Password resets might not be difficult, but they take up way too much time for teams of IT professionals and therefore, can sneak in a lot of unexpected expenses for businesses.
Automating password resets will make a world of difference for IT teams, enabling these tiny tasks to become self-serve, and allowing IT to maintain governance and oversight on crucial areas like governance and security.
Fortunately, in addition to modern password technologies that securely remember passwords for people, self-service and automated ticket resolution makes everything better. Automating password resets has powerful impact on the service desk – and the metrics prove it.
The average IT helpdesk labor cost for just one password reset is $70, according to Forrester.
The Many Mandates of Password Resets
Password resets, Gartner reports, make up at least 20 percent of IT service desk tickets.
A lot goes into passwords because of their great importance in the world of IT. Password creators and users are asked to make them very complex as to up their security game and eliminate the chance of someone else getting their hands on a password that doesn’t belong to them. Capitalization, unique symbols, and numbers become a secret code, typically between eight and 12 characters, to protect the people that make up an organization, as well as the business itself.
Each company has a set of systems that require passwords. IT teams try—as a best practice—to ensure that employees are following set password criteria and making safe decisions, like not repeating or reusing passwords (even though remembering fewer passwords might seem easier).
It’s an additional layer of what employees are expected to do when managing their passwords – a lot to pile on top of the strict criteria for creating personalized login information.
A single sign-on program can help sometimes, but when it can’t, that’s where IT comes in. Here, the tickets are generated and the opportunity for automation enters the room. Automation alleviates the IT staff requirements of consistently answering password reset tickets.
The Serious Security Implication of Repeated Passwords
Recycling the same password for so many systems, including those that are internal and external, opens doors for security issues. Password reuse is common – there are many people practicing this not-so-ideal strategy.
Yes, it seems as though using the same password would be less of a headache, but it can be very problematic for the organization and bring down its ability to combat threats.
There’s also the strategy that many organizations practice, wherein employees are asked to create an all-new password every 90 days. It’s part of following best practices within the security information protocols, and simply put, there’s no way around it. With this process that comes every three months, employees are also asked to make character changes – which means more than just one. Altering only one character within a password is too little of a difference to maintain protection.
Sure, using a pet’s name and then changing the number at the end not only warms our hearts, but it’s obviously easy to remember. However, IT professionals insist that more change has to happen when going from password to password every three months. A sufficient change must add enough layers of security to the mix because there’s so much automation that the persistent threat of a slightly altered password is just too risky for today’s organizations.
The best way to go when changing passwords, IT leaders say, is to change at least five characters, over the course of many different passwords. It indeed becomes challenging for employees to remember every password they create, which means a lot of help is being asked from IT in order to get through the forgotten password barrier.
Password Resets and Manual Process Behind the Automated Ticketing System
We’re living in the cloud era, with basically everything being SaaS-based. A myriad of SaaS applications gives us the ability to click on a link to reset passwords. Even though this seems like a helpful, self-service method, too many problems remain on the backend, caused by an influx of tickets and increased demand for effort from IT staff.
Especially for larger corporations that keep a lot of proprietary information and service, and often have their own applications and servers, password resets require deeper work than one might see from the surface level. The process gets into the unique workings of the organization, where the servers might be kept in the back room that no one ever visits. Password resets call for remote connection in this sense, and so the need to remember password remains highly important for the organization and its IT team.
It’s easy to resort to the password reset ticket creation, but because of the proprietary services that most corporations offer (but are generally unavailable), the reset oftentimes doesn’t actually use SaaS platforms. Once the user submits the password reset ticket, a human IT professional does, in fact, have to manually complete the request. So in all reality, it isn’t the easy “click for a new password” step it might seem.
Basically, users might get an email that automatically requires them to once again go through a password change, but the password rules that prevent reuse of old passwords pile complexity on top of complication.
An Example of an Automated Password Reset
The many SaaS applications easily expose a password reset link … a “one click and you’re done” type of process. But once again, proprietary systems and legacy, on-premises applications don’t allow for such simplicity.
Resolve’s password reset automation integrates with other applications, stemming from a need to initiate the account unlock, when no other access to a company-issued computer is available. For instance, with an on-premises active directory, employees needing to regain access to their computer and their work are stuck looking at a blank screen with an empty password field. There could be a self-service page that employees can pull up on their mobile devices, but there’s a streamlined, much better way to unlock their account.
This method uses text messaging (like texting a chatbot). It starts with Resolve’s platform building out the automation, using an entirely digital approach that essentially architects the steps that represent an organization’s particular process, or use case, with a visual workflow canvas. Not only is it easy to use because of its drag-and-drop nature, but the approach takes advantage of a huge host of built-in integrations and activities – thousands of them!
Using the built-in integrations, text messages are sent directly within an automated workflow, at any given stage within it.
Let’s say that an employee of Corporation XYZ is totally locked out of their system and has no idea what their password might be. To get access, the first thing the employee does is sends a message through their phone to the communication chatbot. The message automatically kicks off a workflow and sends confirmation back to the employee, letting them know of a few options for help.
The automation has already figured out who this specific employee is by correlating their mobile number with a multi-factor authentication database, such as Duo. The process starts with this first layer of security, which is the recognition of the employee’s mobile number and verification that they do work for Corporation XYZ.
The employee chooses the option to text “reset,” and then they receive verification on their mobile device that the request for a reset has been approved. Without further ado, the password reset process is carried out, and the employee can see it happening via text on their mobile devices.
They’ll shortly get a message that the password reset was completed successfully, along with a temporary password that’s configured to adhere to Corporation XYZ’s password security policy. It even provides a timestamp and a reminder that the temporary password will expire in 72 hours.
For even more details on the difference automation can make for password resets, watch this brief LinkedIn Live video and product demo replay on Resolve’s YouTube channel!
No matter where the trigger takes place and the source originates, perhaps from an ITSM platform rather than a mobile device, the automation password reset process easily gets the employee back to work.
Learn more about enhancing password resets with automation by requesting a demo.
This blog is the debut of our “The 7 IT Automations for Highly Effective Organizations” series, with a new blog dropping every Tuesday this summer. Inspired by Stephen R. Covey’s bestseller, The 7 Habits of Highly Effective People, we spoke with subject matter experts, and found out how organizations, too, can become highly effective. The seven automations we write about over the coming weeks will help transform IT and businesses for the better – sustaining lasting success through upgraded and improved capabilities.