Password Assistant App

Guide Overview

The following guide is designed to give administrators an overview of the following Password Reset App related topics:

  • A brief synopsis of the Overview, Policies, and Reset History tabs
  • Adding, editing, and deleting reset policies

Guide Index

You can use the following links below to quickly navigate to a specific section in this document. To quickly return to this index simply use the Return to Index link located at the end of any section.

    1. Overview Tab
    2. Policies Tab
    3. Reset History Tab
    4. Adding a New Policy

Overview Tab

This tab allows you to check the status of your Local Active Directory key if your district uses a  Local AD integration. This includes which user generated the last key, as well as the date it was generated.

Please note that both of these files are necessary in establishing up a connection between the Password Reset Assistant and Microsoft AD. For instructions on creating this link please refer to the Connecting the Password Reset App with to Microsoft Active Directory help document.

Policies Tab

This tab allows you to view, create, and manage the password reset policies for your site.

You can create a new password policy directly from this page by clicking on Add Policy on the top right of the page.

Additionally, you can also edit, copy, and delete a reset policy by using the options located on the right of any listed policies using the Edit and More options.

Reset History Tab

This tab allows you to review all password resets that have been initiated throughout your district.

Additionally, you can narrow down the password reset history using the filter options. These allow you to search by the user the reset was for, the status, or the user that performed the reset.

 

Adding a New Reset Policy

To add a new reset policy, begin by navigating to the Policies Tab. Once there, click on the Add Policy button on the right side of the page.

From here you will need to fill out the following policy data:

  • Policy Name: The name of your password policy that will appear in the policies list.
  • Reset token expiration (minutes): This is the time a reset token will last once generated.

  • Minimum length: This field allows you to set a passwords minimum length.
  • Must contain at least: This field allows you to set the types and counts of characters that are necessary for a password.

You will now be asked to include instructions for the specific password specifications you set forth by using the Password Complexity Instructions section.

  • Supported Password Recovery Methods: The below options allow you to set how users can recover their passwords. You may have multiple selections, but you are required to at least check on option.
    • Set New Password Directly: Selecting this option allows a user’s password to be reset directly from their profile page.
    • Recover Questions: Selecting this option allows users to set answers to recovery questions when resetting their password.
    • Emailed Url: Selecting this option allows users to send out an email containing a password reset link.
    • Text Message: Selecting this option allows users to send out a text to their stored phone number that contains a password reset link.
    • Generate A Password Reset Code: Selecting this option allows agents to generate reset codes that users can use to reset their password from the recovery screen.

  • Password Providers: These options allow you to set what system contains your primary user login data, as well as what system you want the password reset request to route to. Please note, the route to select field only appears when you have checked a system option and that you must specify a system to route requests to.
    • Local (iiQ Only): This option is utilized when setting up reset requests to locally created accounts. All requests of this type should route to Local (iiQ Only).
    • ClassLink SSO: If you are using this source for user data you will want to route all requests to Local AD through the password connectors app.
    • Enboard SSO: If you are using this source for user data you will want to route all requests to Local AD through the password connectors app.
    • Google SSO: If you are using this source for user data you can route your password reset requests either to Google directly or to Local AD through the password connectors app.
    • Microsoft Active Directory: If you are using this source for user data you will want to route all requests to Local AD through the password connectors app.
    • Microsoft Active Directory Federated Services: If you are using this source for user data you will want to route all requests to Local AD through the password connectors app.
    • Microsoft Azure SSO: If you are using this source for user data you can route your password reset requests either to Azure directly or to Local AD through the password connectors app.
    • Rapid Identity SSO: If you are using this source for user data you will want to route all requests to Local AD through the password connectors app.

When routing requests to an outside system, you will be asked to identify what field in Incident IQ should be used for looking users up and what field this should match against in your AD/SSO.

The next section only appears if the Secret Questions password recovery method is selected.

  • Number of questions that must be answered: This field allows you to set how many secret questions a user must choose to answer during a password reset. Please note, this number must be less than or equal to the number of password reset questions you create. This is a required field.
  • Alert Methods: These options provide in system prompts to alert users when they need to set up their secret question answers.
    • Dashboard Widget: This option will display a widget at the top of a user’s page prompting them to set up their secret question answers.
    • Popup message on login: This option will display a pop-up window when a user logs in prompting them to set up their secret question answers.
  • Add: This button allows you to add a new secret question that users can choose from to answer. Please note, this number must be greater than or equal to the number of questions you require users to answer.

You will be required to specify who can reset user passwords, as well as which user they can perform password resets for.

  • Who can perform the password reset: This section allows you to determine what users can perform a password reset. You can narrow this down by location, user role, user policies, or even down to an individual user.
  • Who can this be performed on: This section allows you to determine what users can have their passwords reset using this policy. You can narrow this down by location, user role, user policies, or even down to an individual user.

Please note, you may set up multiple profiles in the section, allowing you to give some users more or less user password reset options as needed.

The Send password expiry emails: Sends out an automatic email to alert users when their passwords are about to expire. If selected, you will need to specify how far in advance the alert will go out and how often.

And finally, the Ticket Details Integration section allows you to setup which tickets outside of Password Reset tickets will show the password reset widget for use by your agents and administrators. If you select Notify all followers on ticket of password change success/failure then any follower on a ticket will be notified through email if the password reset succeeded or failed.

Scroll to Top