TecSSPR: Self-Service Password Recovery
For Okta users with the freedom to reset their password from lock screen.
Supports Okta Verify, and more as recovery factors.
You forgot, you retrieve.
What is TecSSPR?
In most organizations, the largest volume of help desk calls is for resetting passwords. The traditional approach for password recovery is time consuming and less secure. “Tecnics Self Service Password Recovery” (TecSSPR) allows users to recover passwords on the login/lock screen of their Desktops (Windows 10 or MAC). Users do not have to reach out to help desk or be dependent upon the other traditional methods for password recovery.
TecSSPR is a Windows Credential Provider developed on top of Okta's MFA & Policy framework and extends the recovery factors available in Okta to provide other factors like Okta Verify, Yubikey etc. as MFA options.
Currently, all Okta customers wanting to recover their password will have to navigate to the Okta login page and click on the “Forgot password?” link. The default password recovery factors presented by Okta are SMS, Email and Voice. A lot of Okta customers require other factors like Okta Verify, Duo, Google Authenticator, Yubikey etc., for self service password recovery.
TecSSPR addresses this requirement and provides additional factors configured in Okta for password recovery including:
Password Recovery without the Help-Desk
In most organizations , the traditional approach for password recovery is to call help desk or create a ticket. This process is time consuming and is non-productive for both the user and the help desk team. It also lacks proper policy and compliance. TecSSPR allows the user to reset their password from the Windows login screen after entering the second factor for authentication configured in Okta. This allows the organization to enforce all password policies configured in the Okta tenant. The process to recover the password is very user friendly, secure and fast thereby increasing productivity, improving the user experience and reducing the help desk costs.
Recover Password in a secure & auditable manner
In the traditional approach for password recovery, most of the time the help desk team delivers the password to the user in less secure methods.
TecSSPR allows the user to reset their password from the Windows login screen after entering the second factor for authentication configured in Okta. This allows the organization to enforce all password policies configured in the Okta tenant.
TecSSPR supports following operating systems
- Windows 11
- Windows 10
- Big Sur
- Desktops with Windows 10 / MAC for deploying TecSSPR Credential Provider
- One or more Windows servers (Windows server 2008 R2 or later, including Server 2016 and Windows Server 2019 ) in your network to deploy TecSSPR web site in IIS. These servers must be on at all times and have a continuous connection to the Internet so that they can communicate with Okta cloud.
- The server can be a physical or virtual server
- The server should have at least 2 CPUs and a minimum of 8 GB RAM
- Okta Verify
- Google Authenticator
- Security Question
- OnPrem MFA
- RSA Secure ID
TecSSPR is currently supported on the English and Spanish version of Windows10 operating system. If there is a specific language requirement for a customer, we may provide support through PS engagement.
TecSSPR supports silent installation or installation via GPO.
TecSSPR is developed on Okta's MFA framework and leverages on the policies and factors (Okta Verify) configured in Okta. The only requirements from end user perspective are, access to a Desktop with TecSSPR Windows Credential Provider installed and at least 1 recovery factor configured in Okta.
TecSSPR is developed on top of Okta's Password Recovery Framework and requires Okta to enforce all policies. Offline mode is currently not supported.