Virto Password Reset & Recovery Web Part for SharePoint 2007, 2010 and 2013 allows any user logged in to the SharePoint portal (using Form Based or Active Directory Authentication) to reset his password without contacting administrator. New temporary password will be shown online or sent to email box according to the web part configuration.
This web part is used for quick and simple resolving of situations when a user forgets his password or the password is expired according to password security policy. If there is no such a tool, user must contact his AD or FBA administrator every time he needs to change the password. Virto Password Reset Web Part is added to the SharePoint by administrator who adjusts the component. You can find detailed information about the web part adjustment in Installation and User Guide.
Besides the ability to add Web Part to the SharePoint site page administrator can also add it to any web page of other web-portal with the help of additional ASP.NET source code supplied with the component.
Any user authorized on the SharePoint site with AD or FBA login (including cases of remote access to the portal) can request a configuration of new password. And this does not mean that he can change the configuration of the web part.
There are two ways of working with passwords – request a new password on the site online or by email. According to security policy in the first case before the password changing, user will be offered to answer some secret questions (from one to three). Secret questions are set by system administrator and the values are taken from corresponding fields of AD or FBA profile (for instance, date of birth, mobile phone and etc.).
In case of successful verifying the option of password reset will be available for this user. As soon as he activates it online he will see his new temporary password. Password security policy defined in AD or FBA is applied for generating the password. If the password is sent by email, user must enter his login and email address to receive the new password to. Then the message about user’s password request and suggestion to confirm or decline the reset will be sent to this email address. If the reset is confirmed, one more email message with new password will be sent.