Example process
The following example illustrates the process when end users can use their telephones to authenticate to Phone Password Manager using Bravura Pass challenge-response, and reset their password to a new, random value:
User: forgets password or triggers intruder lockout.
User: dials the support number, and is connected to the Phone Password Manager server.
Phone Password Manager server: prompts the user to key in numeric ID.
User: keys in the ID.
Phone Password Manager server: sends a request to the Bravura Pass server.
Bravura Pass server: looks up the user’s profile.
Bravura Pass server: returns a random subset of the user’s fixed-length numeric pre-defined questions to Phone Password Manager.
Phone Password Manager server: prompts the user to answer the selected questions.
User: keys in (numeric) answers to the selected questions, or answers questions verbally, depending on configuration.
Phone Password Manager server: forwards answers to the Bravura Pass server.
Bravura Pass server: evaluates the validity of the user’s credentials, and either allows them access, repeats the login process, or potentially triggers a lockout.
Phone Password Manager server: prompts the user to select reset password or unlock account.
User: navigates the audio menu, and requests a password reset.
Phone Password Manager server: prompts the user to select on target systems.
User: selects an individual target system or all target systems.
Phone Password Manager server: invokes secure API/RPC to request a random password for this user, on the target or target systems the user selected.
Bravura Pass server: generates a random, policy-compliant password value.
Bravura Pass server: implements the password reset on the target system or target systems the user selected.
Phone Password Manager server: enunciates the password, and prompts the user if to reset another password.
Bravura Pass server: if configured, writes a ticket to a call tracking system.
Bravura Pass server: if configured, sends the user a confirmation email.