TecSSPR: Self-Service Password Recovery
For Okta users with the freedom to reset their password from lock screen.
Supports Okta Verify, and more as recovery factors.
You forgot, you retrieve.
What is TecSSPR?
In most organizations, the largest volume of help desk calls is for resetting passwords. The traditional approach for password recovery is time consuming and less secure. “Tecnics Self Service Password Recovery” (TecSSPR) allows users to recover passwords at the press of Ctrl+Alt+Del Keys on their Desktops (Windows 10 or MAC). Users do not have to reach out to help desk or be dependent upon the other traditional methods for password recovery.
TecSSPR is a Windows Credential Provider developed on top of Okta's MFA & Policy framework and extends the recovery factors available in Okta to provide other factors like Okta Verify, Yubikey etc. as MFA options.
Currently, all Okta customers wanting to recover their password will have to navigate to the Okta login page and click on the “Forgot password?” link. The default password recovery factors presented by Okta are SMS, Email and Voice. A lot of Okta customers require other factors like Okta Verify, Duo, Google Authenticator, Yubikey etc., for self service password recovery.
TecSSPR addresses this requirement and provides additional factors configured in Okta for password recovery including:
Password Recovery without the Help-Desk
In most organizations , the traditional approach for password recovery is to call help desk or create a ticket. This process is time consuming and is non-productive for both the user and the help desk team. It also lacks proper policy and compliance. TecSSPR allows the user to reset their password from the Windows login screen after entering the second factor for authentication configured in Okta. This allows the organization to enforce all password policies configured in the Okta tenant. The process to recover the password is very user friendly, secure and fast thereby increasing productivity, improving the user experience and reducing the help desk costs.
Recover Password in a secure & auditable manner
In the traditional approach for password recovery, most of the time the help desk team delivers the password to the user in less secure methods.
TecSSPR allows the user to reset their password from the Windows login screen after entering the second factor for authentication configured in Okta. This allows the organization to enforce all password policies configured in the Okta tenant.
TecSSPR has been tested on Windows 10. If you are using an older version of Windows, we strongly recommend to first upgrade to Windows 10 before starting the installation.
We do not support Windows 7 or Windows 8. Support can be provided on demand and on a case to case basis as a Professional Services engagement. For more information, please reach out to Tecnics Support.
Yes we do support MAC.
- Desktops with Windows 10 / MAC for deploying TecSSPR Credential Provider
- One or more Windows servers (Windows server 2008 R2 or later, including Server 2016 and Windows Server 2019 ) in your network to deploy TecSSPR web site in IIS. These servers must be on at all times and have a continuous connection to the Internet so that they can communicate with Okta cloud.
- The server can be a physical or virtual server
- The server should have at least 2 CPUs and a minimum of 8 GB RAM
- TecSSPR Windows Credential Provider installation on Desktops through GPO.
- Okta tenant is configured & users can login to Okta.
- Okta is integrated with Active Directory.
- Users are active in Okta and have enrolled in at least 1 recovery factor .
- Install & configure SSPR web app on Windows Server 2008 R2 or later (Required only if factors like Okta Verify , Duo, Yubikey etc. are desired for Self Service Password Recovery).
- Okta Verify
- Google Authenticator
- Security Question
- OnPrem MFA
- RSA Secure ID
TecSSPR is currently supported on the English and Spanish version of Windows10 operating system. If there is a specific language requirement for a customer, we may provide support through PS engagement.
TecSSPR supports silent installation or installation via GPO.
- Modify the reset password logo shown on the Windows lock screen
- Provide the Okta Tenant URL
TecSSPR is developed on Okta's MFA framework and leverages on the policies and factors (Okta Verify) configured in Okta. The only requirements from end user perspective are, access to a Desktop with TecSSPR Windows Credential Provider installed and at least 1 recovery factor configured in Okta.
TecSSPR is developed on top of Okta's Password Recovery Framework and requires Okta to enforce all policies. Offline mode is currently not supported.