REPASS

The Password Reset application allows users of a company to recover their passwords when they forget them. This kind of application is sensitive because people who retrieve a password get the privileges of their owner. Because of this, the process of resetting passwords should be operating in a very secure way. SmartWave proposes different types of flows to handle secure password reset processes, with a light architecture.

Functional description:
Available flows: Two types of flows are available: a 3-steps flow, with single security and a 6-steps flow, with dual security. the 3-step flow sends the password in a mail. 6-step flow sends the first part of the password, asks a confirmation and sends the second part.
Initiation flow: Flows could be initiated with challenge responses, that have been stored previously (hiring of employee).
Temporary password: Because the password is often not readable, REPASS can set a new temporary password with an immediate expiration.
Output media: To increase the security or if the password to reset is the mailbox password as well, mails can be replaced with SMS or faxes.

Customization:
Password parts can be sent encrypted and depending on customers needs, other functionnalities can be specially developed.

Supported platforms:
J2EE application server: Tomcat, Weblogic, Websphere.
LDAP directory: Sun Directory or any LDAP directory that supports JNDI.

back to top