User Self-Service Password Reset
Overview
Forgotten passwords and associated reset processes cause frustration and lost productivity for end-users. For IT providers, it consumes time and increases costs. For Support staff, it’s a tedious task.
Atria Self-Service Password Reset (SSPR) allows users to reset their own passwords without needing to contact the help desk. If users choose to contact the help desk, Atria also provides a verification mechanism that streamlines the password reset process.
How Does It Work?
- Each user has the option to be configured with a recovery email address, or MFA. Users can configure this options themselves, or an administrator can set this for the user.
- The reset process requires the user to enter their login name. Atria will present a CAPTCHA to verify that a human is entering the reset process.
- If Password Reset via MFA is enabled and the user has MFA configured, Atria prompts for an MFA verification code instead of sending a recovery email.
- If MFA reset is not enabled (or the user is not enrolled in MFA), Atria sends a reset link to:
- Their Recovery Email Address (if set)
- Their External Email Address (if no recovery email is set)
- The user verifies via MFA or email, then enters a new password.
- The password is verified, and a notification is sent to the user confirming the password change.
Enabling Self-Service Password Reset within Atria
SSPR is enabled via the Customer Portal Settings – an Atria service. Enabling it for each Atria Location will default the setting to enabled for all Customers within that Location.
The setting can be further controlled at the Reseller or Customer level:
- Disable the feature for individual customers
- Turn off by default and enable on a customer-by-customer basis
Enable SSPR
If the setting is enabled at the root customer’s reseller service, it will cascade and be enabled for all sub-customers.
Optional: Enable Password Reset via MFA
When enabled, users who have MFA configured can reset passwords by entering their MFA code instead of receiving an email reset link. This replaces the recovery email flow for MFA-enrolled users.
- Ensure the Multi Factor Authentication service is deployed and users are enrolled in MFA.
- Navigate to the customer's Services, expand Multi Factor Authentication, and enable Password Reset via MFA.
Password Reset via MFA Setting
Self Configuration of SSPR
Users should log in to the Atria Portal and click the Password link, displayed at the top right or in the left-hand navigation bar.
Password Link
From here, users can simply enter their email details.
Recovery Email Address
Administrative Configuration of SSPR for an Individual User
An administrator with permissions to edit a user can update the recovery email address for the user by following these steps:
- Locate the user using the search bar and expand the user details.
- Select Edit User.
- Expand Additional User Properties to access the Recovery Email field.
Recovery Email Address
Email Notifications
Three notification types support the SSPR and User Verification features:
- Email Verification
- Password Changed Notification
- Password Reset Link
Emails are sent from Atria using the Email Notifications system. Email notifications can be fully configured by a Service Provider Administrator through the Atria portal, including customization for language or individual resellers/customers.
For customization instructions, refer to: Notifications System.
End User Process
The embedded walkthrough shows the email-based reset flow. If Password Reset via MFA is enabled, users will be prompted to enter an MFA code instead of receiving a reset link by email.