Frustrating for both users and administrators, password management can be a challenge to manage in any organization. One lost or stolen password may be the crack in your organization's foundation, allowing an attacker to slip in.
Resetting user passwords is a routine yet essential task for IT service and help desks. However, while it may seem straightforward, it is tedious for the IT staff, unproductive for everyone and very costly for companies. Given that passwords are still the primary authentication method for many businesses, addressing this issue is extremely important.
Why are account lockouts and password resets so common?
From the user's perspective, creating passwords may seem simple, but remembering them is a different story. With strict character requirements, many users resort to reusing passwords, leading to forgetfulness. This often results in either getting locked out of their accounts or requesting frequent resets.
From a business standpoint, despite updated guidelines from NIST , periodic password resets remain common practice. Password age limitations in Active Directory enforce these resets, yet they often lead to weaker passwords and account lockouts due to procrastination.
Additionally, most users have about 100 individual passwords to manage , which increases the likelihood of forgetfulness and errors, even with password managers. This highlights the need for a more efficient approach to password management.
How password resets hurt the bottom line
Password resets may seem like an easy problem to solve, but they are not, and if you add on top the volume of requests, it makes them an extremely time-consuming, repetitive, boring task.
20% to 50% of all IT help desk tickets each year are for password resets according to the Gartner Group, and password tickets consume 31% to 40% of the help desk's time. Each reset ticket incurs substantial costs: Forrester Research estimates that one password reset can cost $70. These expenses encompass IT staff time, resources (using the necessary backend infrastructure) and lost employee productivity, so yearly costs for these common requests seem unreasonable. For instance, for a 1,000-employee company, this leads to a $70,000 yearly cost, assuming that every employee will need at least one password reset (most probably, they will need more).
Regarding lost productivity, each time a user undergoes the password reset process— which involves pausing work on a project, contacting the help desk, waiting on hold, waiting for the reset, selecting a new password, and then logging back in—they are essentially costing the company productive time. In a study conducted by Forrester, researchers discovered that employees spend an average of eleven hours annually grappling with password issues. When extrapolated across a company with hundreds or thousands of employees, these lost hours translate into millions of dollars in lost revenue.
Plus, when a user is locked out, the password reset takes priority over other vital tasks since that user can no longer work. Any organization's priority would be to get that individual productive once again. Thus, a password reset necessarily diverts a helpdesk's attention from the strategic and impactful tasks they would be working on.
Automated password reset with Gaspar AI helpdesk
Timewise and cost-wise, password resets are bad. Thankfully, with Gaspar AI you can kiss your password reset tickets goodbye! When you install Gaspar AI, you can integrate with password management applications, including SSO and MFA apps, and enable the related automation. Employees who forget a password will ask Gaspar (our AI chatbot) for a password reset. In seconds, Gaspar will identify the employee thanks to the relevant plugins and provide the necessary temporary password to the employee to reset it. Then, the employee will choose a new password, and that’s all! Their password is changed across all places that use it without any human intervention.
If you get a ton of these questions every month, schedule a demo with us and give your employees the gift of time. Imagine the things your helpdesk team could do when they get all this password reset tickets time back. :)