Looking to see if anyone has a new and unique trick for distributing passwords to users that request to have their password reset remotely. I am basically referring to Enterprise Directory passwords. We have many users in many locations around the globe and it is not practical to hand carry every password to a user when she/he forgets theirs. Since Email is tied to ED as well, we cannot provide the password through that system and the fact that not all of our sales force and consultants have voicemail, it makes it difficult to distribute it to them that way as well. We have a 24x7 Call Center but then you run into the problem of trying to authenticate voices over the phone. and with 7000+ possible voices probably not feasible either. We've thought about obscure web links that are one time use but it comes right back to authenticating the individual that is calling. We've even considered using some type of token device with the thought that providing them a password over the phone would be fairly safe if the corporate authentication were two-factor, but if I copped a briefcase with the business cards and token inside, I could probably devise a social engineering plot to get in. Am I simply trying to hard to cover every conceivable issue that MAY arise or is there a better, cheaper, and equally effective plan out there.
Thanks in advance for any help you can provide Leds! -- There's nothing wrong with Windows until you install it........
