We can all agree that a self service password reset solution saves the company money: fewer help desk calls, less productivity lost and most importantly fewer help desk calls. That’s the holy grail of IT: help your users without them picking up the phone.
But how do you get users to actually enroll and use the service? I can’t tell you how many of our customers are replacing an already purchased solution just because it hasn’t been adopted. I hate shelfware and so should you.
So, when we designed GroupID Password Center, we thought about how to ensure its adoption. But all of these suggestions should work with any solution.
- Make it easy. This isn’t rocket science; don’t force them to answer 23 obscure questions and name all 56 people who signed the Declaration of Independence. You just want to know it’s them; get enough information to authenticate.
- Integrate with your intranet. If you use SharePoint or have another Self Service portal, integrate enrollment into that solution. Make it visible in the places they go anyway for their daily work life.
- Remind them. Until the user is locked out, this is not the most important thing in the world to them. Remind them periodically; you just might catch them at a weak moment when they have some spare time.
- First time free. The first time they call the help desk, be understanding, remind them of the self service method but still reset their password. Don’t be so understanding next time. Password Center has a cool feature for this; if they click “forgot password” and haven’t enrolled, we can authenticate against an attribute you set in Active Directory (hopefully one that only they will know) the first time.
- Last step, start harassing them. I don’t always promote “undue IT scrutiny” but if they ignore 20+ emails, let them know you’re going to check their web browsing history because they must be doing something other than their job to ignore you that much.
Stop short of not allowing users to log on if not enrolled because that is counterproductive. But, still, users want their life to be easier, with a few simple steps, you can get them to help you help them.
One thing that is missed very often is a GPO to provision the client onto all machines in the domain. If a user forgets their password while off site, having a “forgot password” client loaded into the GINA or login screen saves a tremendous amount of headache. This doesn’t help the user enroll but boosts acceptance of the software tremendously.
In short, make it easy on your users and they will enroll. It’s not a build it and they will come solution; it’s a build it, give them an easy to follow map, and they will save your help desk money solution.
Jonathan Blackwell
View ProfileSince 2012, Jonathan Blackwell, an engineer and innovator, has provided engineering leadership that has put GroupID at the forefront of group and user management for Active Directory and Azure AD environments. His experience in development, marketing, and sales allows Jonathan to fully understand the Identity market and how buyers think.