• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 215
  • Last Modified:

Does anyone have suggestions on verifying identification for password reset requests

Suggestions on verifying staff identification for remote requests for A.D and appliation password resets
0
LPSHelpdesk
Asked:
LPSHelpdesk
  • 2
1 Solution
 
drewha1969Commented:
Have them send it by signed email?

Assign them a PIN?
0
 
astralcomputingCommented:
Challenge response. But this implies they know something only they and helpdesk knows. Like a hire date.
0
 
drewha1969Commented:
This topic is interesting, so I am not arguing the answer but arent PINs and Challenge responses basically the same thing?  They are both random answers to verify identity.

Plus, if you choose a question that is harder for a random person to find out other than the usual (like birth date, maiden name, etc) it will be just as easy to forget as a PIN.

You could have the employee create their own question, but wouldnt you need a system that allows for the random question to be stored?

So, I think either of those suggestions are probably the least secure, although every bank, cell phone, email company uses these questions...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now