User Experience
In this scenario, the key client-side components are VPN, Login Assistant with Credential Provider and the Local Reset Extension (pslocalr) software. The Credential Provider creates a password-less login tile – a Change my password button – within the Windows 8+ login screen.
A user opens their Windows workstation to the log in screen and realizes they have forgotten their password. The user clicks the Credential Provider tile and is automatically logged into the help account. Instead of reaching the Windows desktop, however, a secure, kiosk-mode web browser is loaded. This application allows the user to:
Negotiate a corporate network and VPN connection,
Connect to the web interface of their organization’s instance of Bravura Pass (as a full-screen, non-navigable web page) using Login Assistant,
Log in to Bravura Pass using security question or other authentication,
Reset their password, including the locally-cached one using Local Reset Extension, and
Exit out to the login screen. (This will also tear down any temporary corporate network connections that were established.)
Because the Local Reset Extension provides the ability to refresh locally-cached passwords during a password reset from the user’s workstation, the user is able to log into their Windows workstation immediately and does not need to travel to an on-network location to resynchronize the cached and network password values.