Enterprise Solutions → Biometric

Biometric Password Reset Kiosk for Active Directory

published by Sybu Data on February 2, 2011 in Biometric and Enterprise Solutions and Projects with no comments

Description

The Active Directory Password Reset Kiosk allows users within a domain to securely reset or change their own login passwords through the use of biometric fingerprint authentication.

Typically within enterprise organizations that utilizes one or more Domain Controllers (DC) with Active Directory (AD) unnecessary help desk calls and administrative time is spent on users that’s lost or forgotten their own login passwords. This time can be dramatically reduced by installing a kiosk (or computer) with a biometric fingerprint reader that users can easily access and reset their own passwords, using biometric verification.

The kiosks connect via the lan to a SSO Enterprise server that manages user profiles and Active Directory requests.

Overview

Password reset

 

Feature List

  • SSO Enterprise server manages user biometric profiles and interacts with the Active Directory on the Domain Controller with LDAP requests.
  • Support for multiple Password Reset Kiosks
  • No schema change to users or user groups on AD
  • Secure Administrative login
  • Easy management of user profiles by administrators
  • Step-by-step fingerprint enrolment for users
  • Strong encryption and security built into biometric profiles

How does it work?

  • A SSO enterprise service is installed on the Domain Controller
  • A Reset Kiosk is setup anywhere on the network
  • An authorized enroller will enroll fingerprint data for the users. This is also done from the Kiosk.
  • When a user wants to reset a password, the user will go to the Kiosk and enter their own username. The Kiosk will communicate with the Server and if the user has biometric data, the user will be prompted to swipe a finger for identification. If successfully authenticated, the user will be prompted for a new password. The SSO server will apply the changes to the Active Directory. The Active Directory will enforce password policies on password reuse, length and complexity.