The Password Reset application allows users of a company to recover their passwords when they forget them. This kind of application is sensitive because people who retrieve a password get the privileges of the password owner. Because of this, the process of resetting passwords should be operated in a very secured way. SmartWave proposes different types of flows to handle secure password reset processes, with a light architecture.
Functional description:
Available flows - Two types of flows are available: a 3-steps flow, with single security and a 6-steps flow, with dual security. The 3-step flow sends the password in a mail. The 6-step flow sends the first part of the password, asks a confirmation and then sends the second part.
Initiation flow: Flows could be initiated with challenge responses, that have been stored previously (e.g. during the hiring of the employee).
Temporary password: Because the password is often not readable, REPASS can set a new temporary password with an immediate expiration.
Output media: To increase the security or if the password to reset is the mailbox password as well, mails can be replaced with SMS or faxes.
Customisation:
Password parts can be sent encrypted depending on customers needs, and other functionnalities can be developed.
