Password Reset Calls Are Costing Your Org Big Money

2022-12-06 15:07

Regular password resets mean a stolen password is suitable for a limited time.

When a breached password is found, forcing a password reset ensures users do not continue to use insecure passwords.

For an authentication system like Active Directory, a password reset would mean that the user account password change must be replicated to all connected Domain Controllers.

What happens when a user misses the window to reset their password or forgets the latest password because of how many recent changes there have been? Not only does the user need to reach out to the already overworked helpdesk, but they are stuck waiting for a resolution rather than working in the meantime.

Forrester Research states that the average help desk labor cost for a single password reset is about $70. This does not consider the lost productivity for a user, compounded by the many password resets done in a given year.

With all of these challenges, what can an organization do to lessen the impact of password resets? One step would be to implement the latest NIST guidelines and do away with regular password resets.

News URL

https://www.bleepingcomputer.com/news/security/password-reset-calls-are-costing-your-org-big-money/

#money