Directory Password - Active Directory Self Service Password Reset

Directory Password

Simple, low cost self service resetting passwords and unlocking accounts

Download

Overview

Password resets and unlocking user accounts consume as much 30% of some organization’s Help Desk resources. Directory Password is an extra-cost add-on product for Directory Update v2.0 The user uses Directory Update to answer a series of security questions; the questions and answers are stored (encrypted and hashed) in the Active Directory.


Later, if you the user’s account is locked or if they have forgotten their password, they can unlock their account or reset their password using the Directory Password web interface. The user must be able to access a Web browser from a neighbor’s computer or a kiosk.

Features

Directory Password is designed to be an add-on product for Directory Update and thus requires the newest build of Directory Update v2.1 or later. Directory Password is configurable and allows you to customize it to fit your password and security requirements

  • Allows user to unlock their account if they have locked it
  • Allows the user to reset their password if they have forgotten it
  • User can unlock / reset from any web browser
  • List of questions possible questions is customizable
  • Administrator selects the number of questions (up to 10) that the user must pre-answer
  • Administrator selects the number of questions the user must answer in order to unlock their account or reset their password
  • Password strength is customizable
  • SQL or standalone database is not required
  • File auditing and e-mail notifications

Question and Answer Storage

Directory Password does not require a separate database instance. Instead, we store question and answer data in each user’s object in Active Directory. The questions that the user selects and the answers provided are stored in the PostalAddress. Questions are encrypted and the answers are hashed using an irreversible hash.

We use homePostalAddress to store incorrect logon count information. Both of these attributes are not frequently used in Active Directory and hold 4KB worth of information. The attributes that are used can be changed using the AppSettings.XML file. The Question and Answer data is not visible to the administrator.

Evaluating

We urge all potential customers to download Directory Password, install it in your environment, and customize it for your use. You will see how easy it is to get Directory Password up and running.

You can download a fully functional from the Product Downloads page of our Web site; the evaluation will be fully functional for 21 days with no limitations. We will not ask you for your e-mail address, telephone number, or first born; all you have to do is download the software. And, if you run in to problems and have a question, we will give you the same great support we give our customers.

If you choose to buy Directory Update, you keep your customized configuration; using the Configuration wizard to convert from evaluation to licensed by entering your license key.

Version History and Product Updates

Directory Password v2.0

  • Updated the code using the Bootstrap APIs to allow the screen to better display on a mobile interface.

  • Directory Update v2.7 or later should be used with this version.

  • A few fixes to the interface and improved password rule mapping and management.


Directory Password v1.2

  • Updated code so that it can evaluation a "Microsoft" strong password. A Microsoft strong password is at least 8 characters long and uses 3 out of 4 character types (special, number, upper case, and/or lower case.)

  • Created a forbidden string list. These strings cannot be found anywhere in the user's password.

  • Created an option so that user's user name is not allowed to be part of the password.

  • Installer will work now on Windows Server 2012 / 2012 R2 and software supports underlying .NET Framework v4.0.

  • Software requires a minimum of Directory Update v2.5.


Directory Password v1.0

  • Original version of Directory Password

  • Integrates with Directory Update v2.0/v2.1

Last Review: 3 Dec 2016