PentaSafe this week announced a product intended to ease that burden. Its VigilEnt User Manager enables end users to reset forgotten passwords on their own via the Web, without involving an administrator of any kind.
VigilEnt uses a series of challenge-response questions to enable users to reset forgotten passwords, as well as manage other aspects of their user profile, says Sharon Kosakowski, product marketing manager for VigilEnt User Manager. Adminisrators can determine how many challenge questions must be answered correctly to authenticate users and allow them to update their profiles.
PentaSafe provides administrators with a default set of challenge questions but administrators and end users can also add their own questions. "Most companies send a list of questions to users and ask them to use those," Kosakowski says. Administrators can maintain control over password policies, ensuring they are applied consistently across the user base.
VigilEnt also acts as a password synchronization tool, enabling users to define multiple systems and applications to which the same password will apply. Users still have to log on to each system individually, however, unlike a single sign-on utility that provides access to multiple systems after entering a user name and password only once.
PentaSafe is not the first vendor to come out with a self-service password management facility. Corion Corp.'s Password Courier, for example, offers many of the same capabilities. But PentaSafe offers a broader array of complementary security products, including firewalls, policy management, auditing, vulnerability assessment and intrusion detection tools.
One-time pricing for VigilEnt ranges from $15 per user to access one system, $20 for two to four and $25 for more than four systems. The product is scheduled to ship March 28.