Press Release: Get the Level of Identity Management Your Campus NEEDS for Office 365



BEDFORD, NH– (Marketwire – June 25, 2014) – Today, PistolStar, Inc. announced the integration of its PortalGuard product with Office 365. This integration will give administrators the power to choose the level of convenience and security they desire for their students and faculty while accessing Office 365, including:


-Self Service Password Reset (SSPR)

-Single Sign-on (SSO)

-Two-factor Authentication


With PortalGuard integrated with Office 365, schools now get the level of identity management they need. Gregg Browinski, CTO of PistolStar, Inc. comments on the level of identity management and security with PortalGuard. “Using Office 365 guarantees 99.9% uptime for your campus email infrastructure, but this benefit is moot if students forget their passwords and can’t login. Federating Office 365 with a local ADFS instance can allow SSO but this just pushes a ‘forgotten password’ scenario further back to the desktop login and still lacks stronger two-factor authentication or self-service password reset options.” Browinski continues, “Swapping PortalGuard in place of ADFS in this architecture can provide standards-based web SSO and highly flexible SSPR from a single, tightly integrated, brandable, login interface.”


Using PortalGuard’s SSPR, students and faculty are given the power to reset their passwords from the web or desktop, reducing help desk calls and increasing ROI. SSO streamlines the login and reduces the barriers to access; with just a single login, the students and faculty gain access to all of their authorized applications, including: Blackboard, Moodle, Canvas, Banner, Google Apps, and Office 365.


PortalGuard provides you with the level of identity management your campus needs. Click here to learn more about PortalGuard®’s seamless integration for Office 365 and other education applications or visit our Education Page here.

Food for thought… On Passwords

Let’s talk about forgetting your password, it has happened to all of us at one time or ano


Forgetting your password is a real pain in the you-know-where. You type in what you think is your  password, then you try another one, then with Caps and a special character. Before you know it, your account has been locked out and you need to contact the systems administrator. You dial the help desk, wait on hold for a few minutes, and then finally, success!

This always seems to  happen when you are in a time crunch. This could be during a meeting or presentation, or  when you need to check your email quickly before heading out for the night. No matter what the case it is a real pain point and a huge inconvenience.

PCWorld  cited a study done by Ian Robertson, “Illustrates the growing amount of alphanumeric clutter in our heads: the average person now has to remember five passwords, five PIN numbers, two number plates, three security ID numbers and three bank account numbers just to get through everyday life. Not surprisingly, Robertson’s research found that nearly 60 percent of those studied felt like they couldn’t possibly remember all of these numbers and letters that they were supposed to.” The number of passwords that the average person is required to remember today only continues to grow.

Today, more companies are shying away are from the “traditional” password management, to a self-service method. Self Service Password Reset is a simple service that can help avoid the anxieties associated with locking yourself out, by prompting the user to answer preselected questions or enter a one-time code sent to their phone to unlock their account or obtain a new password.

Companies like PortalGuard offer a simple and effective solution that will not only eliminate the stress that comes from a lock out, but will save money and time at a higher level.

Click here for more information on Self Service Password Reset.



Why is Authentication Painful and How can Self-service Ease the Pain?

There is no getting around it… online resources are and will always be protected by one or more forms of authentication.  Given all of the savvy “bad people” out there that go to great lengths to try and compromise our valuable resources, authentication is here to stay.  But why does authentication cause the user so much pain and why can’t a few Ibuprofens help to alleviate the burden?  Well, for one thing, authentication pain is not physical.  Its effects are emotional and psychological in nature and can lead to unnecessary stress.  Self-Service Password Management (SSPM) has the “medicine” to help reduce the swelling caused by authentication.  SSPM is technology that puts mechanisms in place to help reduce the obstacles and frustration that can be caused by authentication gone wrong.

Let’s take a look at a possible real world scenario of how authentication can cause pain to both the user and IT staff and how SSPM can alleviate the suffering.

Curtis starts his first day of work after graduating from college and is given his first professional password but doesn’t have a lot of password experience.  At his first login on his very first day in the “real” world, he is forced to change it so he will be the only one that knows the password.  However, so the password can’t be easily guessed by a would-be intruder, company policy forces Curtis to come up with a complicated password with multiple alpha-numeric characters and special characters, including upper and lower case values.

It turns out that Curtis started on a Friday and after a weekend of celebrating with his friends he returns to his second day of work and much to his dismay, can’t remember his password.  Not knowing any better, he continues to try variations of what he thinks it is until his account is locked.  Now what does he do?  This real world is tough and especially on a Monday.  His supervisor, Kathy, sees him struggling and asks if she can help.  Curtis is relieved to learn that there is an IT help desk that he can call to get his password changed.  The call with the help desk is less than enjoyable.  First he ends up in a queue for what seems like 20 minutes.  His 2nd day of work and he has not been productive his first hour.  When he finally gets to speak with someone, they are short with him and not as helpful as he would have hoped.  He does finally get a new password and gets his account unlocked with some unnecessary scolding from the help desk.  Curtis thinks, “I am not going to have to go through this again” and writes his new password on a post it note, sticks it on his monitor and finally gets back to work.

At lunch, he is discussing his ordeal with some of his new coworkers and learns that the help desk personnel are like that because they are usually swamped the first day of the week with many users forgetting their passwords over the weekend.  Having to spend so much time on password issues first thing in the morning, puts them behind on their priorities for the rest of the week.  He also found out that company policy does not allow passwords to be written down.  Now he can’t get back to his desk fast enough to take down that sticky note.

Without being able to write down his password, he manages to forget it a few more times until he finally creates one that he can memorize.  Just when he thinks he has clear sailing with his password troubles, he comes into work and upon logon is instructed to change his password because it has expired.  What?!  Why is this so?  Again, Kathy is there to explain to Curtis that company policy requires passwords to be changed every 90 days just in case one gets compromised.  This is devastating news to Curtis because he believes he will go through the torment of not being able to remember his password again and decides to do some research on the matter to see if others are experiencing his pain.

Curtis uncovers that there is a world of hurt similar to his and other companies have been alleviating it with a technology referred to as “Self-Service Password Management” (SSPM).  In a nutshell, SSPM puts the power of resetting forgotten passwords or unlocking a locked account into the end user’s hands.  This excites Curtis and he digs in to learn more and puts together a proposal for his supervisor and their manager.

The proposal explains that when a user forgets their password or has a locked account, the user is able to “on their own” authenticate themselves by a means other than their password and reset the password.  Generally speaking, the user can answer challenge questions that they had previously answered during enrollment or they may submit a One Time Passcode (OTP) that they receive through email or a phone (voice or text).  Before the SSPM can be used, the first time a user logs in, they will be asked to answer a number of questions and/or register their phone number.  Should the occasion arise that they have locked their account or forgotten their password, they can navigate to the SSPM website on their own, enter their username and then request to reset their password and/or unlock their account.  The application will ask what type of alternate authentication method they would like to use, challenge answers, phone OTP or email OTP.  The user is then either presented with questions that they will know the answers to or be sent an OTP that they can enter at the website prompt.  The website authenticates the user with this alternate method and then allows the user to specify a new password and/or unlock the account.

Needless to say, this proposal quickly makes its way to upper management and within a few weeks Curtis and his fellow employees are enjoying Self-Service Password Management.

Now our hero enjoys his weekends because he knows if he forgets his password on Monday, he can visit the SSPM website, answer some questions and reset his own password within a matter of minutes and then get back to being a productive employee.

PortalGuard: Tutorial: Self-service Password Reset

Most studies show the cost of password resets can range from $25-75 per incident and make up around 30% of Help Desk calls. This provides ample reason and demand for password reset and recovery tools which empower the user. By allowing users to self-service their own account and password management needs, organizations can effectively offer 24/7 access and maintain productivity. How will roaming users change their password remotely or how will a forgotten password be recovered on a laptop with an encrypted hard drive? These requirements determining your budget and current Help Desk costs without a solution in place will allow you to forecast your ROI and further narrow down the vendor selection. The evolution of self-service password reset and whether the vendors you are evaluating are keeping pace. Entry point solutions are now expected to go beyond simple password resets to accept multiple scenarios which may include disconnected users, auditing and leveraging devices such as mobile phones. True success of a self-service password management solution will be measured by the users’ satisfaction and an overall reduction in the frequency of their calls to the Help Desk for support. Self-service password reset is the process a user initiates to prove their identity with the end goal of resetting their password. Self-service password recovery is similar, but the end goal is obtaining the current password value without changing it. The user can be authenticated using various methods.

We hope you enjoy a video we made on the subject of Self-service Password Management:


The PortalGuard software is an authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing, and compliance for your web and desktop authentication requirements. PortalGuard provides capabilities including multi-factor authentication, self-service password reset, password synchronization and single sign-on which can be seamlessly configured by user, group, or application.

Subscribe to our newsletter: