Self Service Password Reset (SSPR)

Reset passwords yourself using ASPR
Self Service Password Reset mit ASPR

With the Self Service Password Reset Manager from TESIS SYSware employees can reset forgotten passwords themselves, without contacting the service desk – 24 hours a day, seven days a week. ASPR is simple to use and has extremely high user acceptance. So you can design all your processes for identity and password management efficiently and at minimum cost.

  • Greater efficiency thanks to cost optimization, less effort and different billing options
  • Very high, quantifiable acceptance among end users
  • Security and compliance
  • Made in Germany – ASPR is developed and supported in Munich in line with German quality and security standards

How the Self Service Password Reset works with the ASPR Password Manager

Employees who forget a password no longer need to call the help desk, they can reset their password themselves anywhere, 24/7 using the Self Service Password Reset.

With this method, employees are instantly productive again and frequent manual password resets no longer cost extra time for the busy service desk.

With ASPR, TESIS SYSware offers you a Self Service Password Reset Manager with extremely flexible configurability to meet the diverse needs of your business.

How you benefit from the Self Service Password Reset from TESIS SYSware

Self Service Password Reset – flexible, simple & versatile

Flexible, simple & versatile

ASPR is designed as a web application, meaning users do not need to perform a local installation. The product is extremely flexible in its configuration.

On the one hand, users can choose from various authentication methods, which results in very high user acceptance.

On the other hand, methods can also be combined with each other to ensure compliance with the security policies of the target system. In practice, simple authentication suffices for intranet application passwords, while resetting a password for an SAP HR system uses 2-factor authentication.

  • Integrate into numerous target systems with individual connectors
  • Multi-factor authentication freely combinable
  • Password Propagation transfers generated random passwords to numerous target systems
  • Password Randomizer to generate random passwords
  • Integration into existing service portal
  • Interface offers multi-language support
  • P³ invoicing model: pay per password, pay per month or pay per seat
  • Audit integrity and compliance thanks to transparency and GDPR compliance

ASPR security aspects

Self Service Password Reset – secure, flexible & simple

SSPR with maximum security

We fully comply with corporate compliance policies and legal regulations in accordance with the Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (EU-GDPR).

In the development of the TESIS SYSware products, all protection objects that contain personal data and/or data with security relevance or confidential data were considered, e.g.

  • Account information (ID, display value)
  • Permissions (account/identity, rights to file/folder)
  • Master data (name, first name, department, personnel number, location, e-mail address, phone number, cell number)

The following data protection principles were considered for defining the information objects with personal data:

  • Personal data is only collected for the purpose of service delivery (legality as per EU GDPR Art. 6, 7)
  • Only the data directly required for processing (Data Avoidance and Data Economy, EU GDPR Art. 5) is captured
  • Sensitive information only runs encrypted through the system. All communication paths are already secured via SSL in the standard installation between the individual components.

30 years of experience in password & access management

Well-known international companies with high security requirements have been placing their trust in us for three decades, for example:

Accenture q
BMW Mini q
BSH q
eurosystem
sana
Siemens q

Key features in detail

Multi-factor authentication

Choose from different authentication methods that can be freely combined for greater security and higher acceptance among users:

  • Question/answer pair
  • User ID and password of other system
  • Four eyes principle
  • Smartcard / token
  • Face recognition with ”Face Liveness Detection“ (BioID®)
  • Keystroke Biometrics (KeyTrac®)
  • Time-Based One-Time Password (TOTP)

Numerous target systems

Using extensions, ASPR can be integrated into many different target systems, allowing it to be ideally adapted to company-specific IT infrastructures:

  • Microsoft AD / Azure / 365
  • IBM z/OS
  • LDAP
  • SAP
  • Unix/Linux
  • Individual customer systems

Password Randomizer

With the Password Randomizer, ASPR closes a potential security gap in SSO environments. Here – but also in smart card environments – accounts are often assigned password-never-expires flags. This is intended to prevent systems from requesting users to provide a new password every X days. Frequently in such cases, the user’s last password is kept in the system forever. To close this gap, ASPR offers a process that regularly generates a new random password in the background.

Password Propagation

Today, a secure password consists of an average of 12 to 15 characters, must contain lowercase and uppercase letters, several numbers and special characters, and has a maximum life span of 30 days. If you then multiply these factors by the number of passwords a user has to remember, it is clear that the need to reset passwords is very high already and is only set to increase in the future. With Password Propagation, one password is all you need for all applications and systems. A (master) password enables propagation of new passwords from AD or host systems to all connected target systems.

Integration in a service portal

ASPR can also be used in conjunction with service portals (e.g. ServiceNow). This allows users to reset or change their passwords themselves, without having to contact the service desk or administrator.

Multi-language support

ASPR is available not only in German and English (standard), but also in additional languages. This increases user acceptance and lowers language barriers.

Architecture

ASPR Video