Your users are trying to hit deadlines, prepare for meetings, and balance responsibilities. They don’t want to slow down to gain access to the apps and systems they need to get their job done. Yet often, users are frustrated by the expectation of memorizing the dozens of URLs, usernames, and passwords they need to do their work.
Most people can’t remember multiple passwords. To keep things manageable, users often repeat the same password across multiple applications or choose something that’s easy to remember—strategies which are consequently also easy to compromise. It’s a troubling, all-too-common habit, and it puts your users’ and organization’s data at risk.
Poor password hygiene is dangerous to a company’s health. To better protect organizations against online attacks, many businesses require employees to create complex, unique passwords for each of the many applications they use. While this practice is meant to reduce the number and severity of breaches, it also puts significant strain on IT when users forget their credentials and flood IT with helpdesk tickets.
A costly inconvenience
According to Gartner Group, between 30% and 50% of all IT help desk calls are for password resets, and resetting an employee’s password is more complex than a quick, one-click action.
First, to maintain security protocol, IT needs to verify the identity of the requesting employee. Second, an organization may store passwords in several locations, meaning IT has to track down all the places where the password needs to be changed. Rather than focusing on high-value, strategic projects such as modernization and improved organizational productivity, IT staff members are often spending their time manually resetting passwords.
But it’s not just IT that suffers; when an employee inevitably forgets their password to any number of SaaS tools, their productivity suffers. Their work is put on hold while they wait for IT to liberate them from account lockout. All in, a single password reset request costs companies an average of $70. It’s a lose-lose situation, and all for a task that could be easily and securely automated.
Empowering teams with self-serve technology
If you think maintaining a secure network while also reducing IT friction is a tall order, think again. With Okta, you get world-class security features, plus user-friendly password reset functionality—in a single solution.
Start at the source with Single Sign-On (SSO)
Okta Single Sign-On allows users to access all of their applications through a single portal, so they can spend less time logging in and more time doing what they do best.
Simply enabling Single Sign-On will cut down on password reset requests. When users no longer have to remember different passwords for every application, they’re more likely and willing to choose a secure password that’s harder to be compromised and less likely to be forgotten.
Plus, all Okta customers with Universal Directory automatically get access to self-service password resets capabilities, empowering end users to reset their own passwords, even if they are tied to Active Directory. For added security, IT can apply password reset policies to increase security posture, such as only allowing resets from the corporate network or known devices.
Layer on Multi-Factor Authentication (MFA)
Minimize the likelihood of malicious account takeover attempts by layering additional authentication factors prior to triggering a password recovery change.
Should a user forget their password, all they need to do is initiate the password reset flow and they’ll be prompted to receive either an email or an SMS message containing a password reset code. Upon receiving the code, users will be asked to answer a security question to verify their identity, which they create when initially enrolling in MFA.
Empowering teams, securely
Okta’s self-service password reset powered by SSO, MFA, and Universal Directory will not only strengthen your organization’s security posture, but also cut down on help desk requests and improve employee productivity.
In a company with hundreds or thousands of employees, the time and costs saved adds up fast. For example, leading solar energy provider Vivint Solar cut their password reset requests by 95%, contributing to over half a million dollars in IT savings.
Could your company be next?
Read the Enable Self-Service Password Resets whitepaper to learn how to reduce account-related IT help desk tickets, and liberate your IT team from forgotten passwords.