Active Directory
Self-Service Password Reset
Empower users and reduce IT workload with Protectimus MFA Self-Service — securely reset AD passwords and manage OTP tokens from a single portal
What is Protectimus Self-Service Password Reset (SSPR)?
Protectimus Self-Service Password Reset (SSPR) is a feature of the Protectimus On-Premise MFA Platform that enables users to securely change or reset their Active Directory passwords without IT involvement.
Through the Self-Service Portal, users can manage their OTP tokens, including registration, confirmation, replacement, synchronization, and PIN setting, all governed by administrator-defined authentication methods and policies. This reduces IT workload, minimizes downtime, and keeps password and authentication management fully under organizational control.
Change and Reset AD Passwords
Users synchronized with Active Directory can change their AD passwords by entering both the old and new passwords, or reset forgotten AD passwords by providing only a new password — all directly through the portal.
Password Policy Enforcement
Set and enforce password rules through the Self-Service Portal, allowing users to create or update their passwords according to the organization’s policies.
Accessible Anywhere
Users can securely reset, change, or manage their Active Directory passwords from mobile devices, login screens, or web browsers. All operations are encrypted via LDAPS (SSL), ensuring maximum security while enabling users to manage passwords anytime, anywhere.
SSPR Capabilities within Protectimus MFA
Flexible Login Options
Users can access the Self-Service Portal via AD password, Protectimus Platform password, email one-time code, or security questions — flexibility without conflicts.
Enforced Password Policies
Set and enforce custom password rules so users can securely create or update passwords in compliance with organizational requirements.
Change AD Password
Users can change their Active Directory password directly from the portal by providing their old and new passwords, ensuring secure updates.
Reset AD Password
Allow users to reset forgotten AD passwords by specifying a new password, reducing IT tickets and downtime.
Secure AD Integration
All password changes use LDAPS (SSL) connections for encrypted, secure communication with Active Directory.
Streamlined Self-Service
Empower users to manage their passwords independently, improving productivity and reducing IT support workload.
Here's what our customers say
-
SICIM
-
DXC
-
Volet
How It Works
Protectimus Self-Service Password Reset (SSPR) is a built-in feature of the Protectimus On-Premise MFA Platform. Through a single self-service portal, employees can securely change or reset their Active Directory passwords and manage their OTP tokens on their own — without contacting IT and strictly within the permissions and policies defined by administrators.
SSPR supports multiple authentication methods at the same time, including Active Directory credentials, the Protectimus Platform password, one-time codes sent by email, or security questions. All password operations are performed over encrypted LDAPS (SSL) connections, and password requirements are enforced directly in the portal. As a result, IT teams handle fewer routine requests, users regain access faster, and password and token management stays simple, secure, and fully under organizational control.
Pricing
Protectimus SSPR is included at no additional cost as part of our MFA Platform license.
Pricing starts at $199 per month for 99 users
- The greater the number of users, the less the cost per user.
- Additional technical support can be purchased separately.
Lifetime License and Enterprise Pricing Plan
Includes:
- Lifetime license for any number of users;
- Customized MFA platform tailored to your needs;
- Custom integrations;
- Dedicated engineers and direct support.
Contact our sales team at sales@protectimus.com for pricing information.
Supported Two-Factor Authentication Methods
All of the following tokens can be managed by users directly through the Self-Service Portal, subject to administrator permissions
Available integrations
Add two-factor authentication to Windows 8, 8.1, 10, 11, and Windows Server 2012, 2016, 2019, 2022. Protects both local accounts and remote desktops (RDP).
Set up two-factor authentication for Outlook Web App (OWA) and Exchange Admin Center (EAC) using a ready-to-use OWA plugin, compatible with Exchange 2013, 2016, and 2019.
The Protectimus MFA Platform seamlessly integrates with Active Directory Federation Services (ADFS 3.0 & 4.0), enhancing security with minimal effort.
Use Protectimus ADFS or Office 365 components and the On-Prem MFA Platform to enable single sign-on (SSO) with extra security from time-based one-time passwords.
For quick and easy integration, take advantage of our ready-to-use SDKs for Java, PHP, and Python.
Protectimus DSPA (Dynamic Strong Password Authentication) integrates directly with AD, LDAP, or any user directory, enabling you to secure access to all nodes in your infrastructure at once.
Secure your VPN, Wi-Fi, firewalls, and any RADIUS-based system with two-factor authentication. Protectimus integrates seamlessly with Cisco, Citrix, VMware, FortiGate, SonicWALL, OpenVPN, etc.
The Protectimus two-factor authentication plugin for Roundcube lets you easily integrate a professional multi-factor authentication solution into Roundcube webmail client.
Integrate the Protectimus On-Premise Platform with Ubuntu or macOS via RADIUS to secure your corporate accounts with multi-factor authentication.
You can use our API for direct integration. Our API is designed according to REST principles. Data is transmitted as XML or JSON.
Ready to get started?
Ready to strengthen your security with Protectimus multi-factor authentication? Our comprehensive guides will walk you through the seamless integration process. Our dedicated support team is ready to assist you. Get started today and enhance your authentication with Protectimus.
