Password resets are a nuisance for everyone, but especially for IT.
Remembering tens, even hundreds of passwords for multiple platforms and devices leads to password fatigue for employees and only adds to the list of IT problems to solve. Unfortunately, this trend has only gotten worse with the rise of remote work.
Today, 50% of all help desk calls are for password resets. And the worst part is that password resets aren’t just tedious; they’re costly. Forrester Research found that the average password reset cost is upwards of $70.
Multiply that by the number of employees at a large organization, and even one password reset each becomes a staggering figure. But why is that the case?
In this piece, we’ll do a deep dive into password resets: why users need them, how much they cost, and how single sign-on (SSO) password managers can reduce costs and alleviate the mounting pressure on your IT team.
Why Do Users Need Password Resets?
While this seems like a straightforward question, password resets aren’t always a result of someone forgetting their password.
Some employees may use multiple workstations or mobile phones. If applications on those devices use old cached credentials, a user’s account may automatically be locked on all of their systems, requiring a password reset.
Windows task schedulers can also prompt password resets. Tasks are created with user-specified credentials, which eventually expire. If they’re not replaced with new credentials, users will be locked out of their accounts.
Other times, password resets are a forced exercise. Many companies use password rotation, prompting users to change their passwords every 30 to 90 days. The effort this takes varies greatly depending on the password management solution in place, and the number and type of IT resources secured by user passwords.
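To find which device or scheduled task is still presenting an old credential after a password change, IT can rank failed logons by source. The following is an added example, not code from this article or any vendor; it uses the Windows Security event IDs 4625 (failed logon), 4723/4724 (password change/reset) and 4740 (account locked out), and the sample rows and host names are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Logon types carried in Windows failed-logon events (event ID 4625).
LOGON_TYPES = {2: "interactive", 3: "network", 4: "batch (scheduled task)",
               5: "service", 7: "unlock", 10: "remote interactive"}

# Constructed sample rows: (event ID, time, user, source workstation, logon type).
# 4724 = password reset, 4625 = failed logon, 4740 = account locked out.
EVENTS = [
    (4625, "2024-03-04T08:55:00", "asmith", "LT-ASMITH", 2),
    (4724, "2024-03-04T09:00:00", "asmith", None, None),
    (4625, "2024-03-04T09:05:00", "asmith", "PHONE-GW", 3),
    (4625, "2024-03-04T09:06:00", "asmith", "PHONE-GW", 3),
    (4625, "2024-03-04T09:07:00", "asmith", "PHONE-GW", 3),
    (4625, "2024-03-04T09:10:00", "asmith", "SRV-REPORTS", 4),
    (4625, "2024-03-04T09:40:00", "asmith", "SRV-REPORTS", 4),
    (4740, "2024-03-04T09:41:00", "asmith", None, None),
    (4625, "2024-03-04T09:20:00", "bjones", "LT-BJONES", 2),
]


def stale_credential_sources(events):
    """For each locked-out user, rank the (workstation, logon type) pairs that
    kept failing after that user's most recent password change."""
    changed, locked = {}, set()
    for event_id, time, user, _, _ in events:
        when = datetime.fromisoformat(time)
        if event_id in (4723, 4724):          # password change / reset
            changed[user] = max(when, changed.get(user, when))
        elif event_id == 4740:                # account locked out
            locked.add(user)

    failures = defaultdict(Counter)
    for event_id, time, user, workstation, logon_type in events:
        if event_id != 4625 or user not in locked:
            continue
        # Failures before the change are ordinary mistakes, not stale credentials.
        if user in changed and datetime.fromisoformat(time) <= changed[user]:
            continue
        kind = LOGON_TYPES.get(logon_type, f"type {logon_type}")
        failures[user][(workstation, kind)] += 1
    return {user: counts.most_common() for user, counts in failures.items()}


if __name__ == "__main__":
    for user, sources in stale_credential_sources(EVENTS).items():
        print(user, sources)
```

A batch logon type at the top of the list points to a scheduled task with stored credentials; a network logon from a mail or sync gateway usually points to a phone or second workstation.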
How Much Do Password Resets Cost?
Although a password reset may seem quick and easy, the compound effect of thousands of resets can make a company’s IT costs skyrocket. The following are just a few of the factors that affect how much password resets can truly cost.
Increased labor and lost time
The first step in initiating a reset involves verifying a user’s identity. This sounds easy, but checking this manually can take time and frustrate employees. Once a user’s identity is confirmed, IT may have to log into several tools to change the user’s password. During that process, end users are stuck and unable to complete any work.
Many large organizations use interconnected legacy systems that make changing passwords extremely cumbersome. Many of these systems do not sync with each other, nor do they have the same cadence for updates, which means that IT must manually change passwords in multiple places multiple times a year. The upkeep of these platforms can be time-intensive, but it is essential to maintain an organization’s overall security.
While forced resets are meant to fend off cyberattacks, password rotation can be ineffective unless implemented with other password management best practices in mind. Most users just add another number or character onto an existing password used for all of their devices, making it easy for savvy hackers to guess it. And cyberattacks can have so many consequences, from reputation damage to customer churn to loss of future business.
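A change-password flow can reject the "add another number or character" pattern described above at the moment it happens. The following is an added example, not code from this article or any product; it assumes the user supplies both the current and the new password in the change form, and the function names and the two-edit threshold are illustrative choices.

```python
import re


def _base(password):
    """Lowercase and drop trailing digits/symbols, the part users tend to bump."""
    return re.sub(r"[\W\d_]+$", "", password.lower())


def _edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_trivial_rotation(old, new, max_edits=2):
    """True if `new` is `old` with a changed suffix or only a few edits."""
    # Same stem once the trailing counter/symbol is removed (Summer2023! -> Summer2024!).
    if _base(old) and _base(old) == _base(new):
        return True
    # Otherwise catch small tweaks anywhere, such as a prepended character.
    return _edit_distance(old.lower(), new.lower()) <= max_edits


if __name__ == "__main__":
    # Constructed sample pairs.
    for old, new in [("Summer2023!", "Summer2024!"), ("Harbor7", "Harbor77"),
                     ("correct-horse-41", "violet-anchor-88")]:
        print(old, "->", new, "trivial:", is_trivial_rotation(old, new))
```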
How Much Does a Password Manager Cost?
A password manager streamlines the very manual aspects of a password reset while mitigating the risk of an attack.
However, not all password managers bring the same features to the table, which makes for a fairly wide range in price. It’s important to focus on the ROI. The best centralized password managers come with:
- A range of recovery options, whether it be email, SMS, or multi-factor authentication
- Automatic device syncing capabilities
- A secure password generator
- Multi-platform support (Windows, iOS, Android, macOS)
- Password autofill
- On-device vault storage
Each of these password manager features makes resets easier on both employees and IT.
Can Password Resets Be Automated?
The password reset process hasn’t always been complicated. In traditional Windows-based, Active Directory (AD) IT environments, resetting passwords was relatively straightforward. Once a user reset their password on their Windows machine, that change would propagate out to all of the Windows-based resources IT admins granted them access to.
However, over time, the resources used in enterprise IT environments have diversified significantly. From solutions like AWS and Google Workspace, to web applications like Slack and Salesforce, and to the prevalence of macOS and Linux devices, end users now have a multitude of unique identities. This makes the password reset process much more complicated.
Fortunately, even in a modern heterogeneous IT environment, there is still a way to unify a user’s credentials into a single set for accessing virtually all IT resources, as in the days of traditional AD environments. Cloud-based password reset facilitators are an ideal way to reduce the time, effort, and cost associated with password resets.
With an open cloud directory service, IT teams can connect users to their devices, servers, applications, files, and networks with a single identity, regardless of the OS, vendor, or location. When a user changes their password, that change propagates to all the resources that the directory manages.
Not only does this process save a huge amount of time, it also empowers self-service. End users can use their cloud-based portal to reset their password, resolve SSO issues, add SSH keys, or enable multi-factor authentication.
Password Management Doesn’t Have to Be Difficult
Undetected security gaps resulting from poor password management can lead to devastating consequences. But the growing queue of password reset tickets makes it hard for IT to remain vigilant. So what’s an organization to do?
The answer lies in a secure password management system like JumpCloud’s IdentityOS® solution. The IdentityOS app provides frictionless password management, whether users are on a mobile phone, iPad, or Windows computer. In addition, the IdentityOS app enables users to self-serve and manage their own credentials on a secure device to minimize the risk of phishing.
When the IT team no longer needs to intervene, they have more time to spend on strategic projects and bolstering other cybersecurity measures. To learn more about automating password resets for your organization, check out what IdentityOS has to offer.