How Much Do Password Resets
Really Cost?

by Paul Anand
on Oct 8th, 2019

One of the most researched questions on the web by people related to identity and access management (IAM) is “How much do password resets really cost?”. This cost matters to employees, employers, and organizations too, due to which this research is not limited only to people related to IAM. So, what is the actual cost of resetting a single password of an employee? While there are varying numbers provided as an answer to this question by different folks, according to a Forrester report, a single password reset request costs around $70. Also, according to a study by Gartner, it takes $20-$40 to resolve each password reset request.

One can’t help but wonder, why this cost is so high. According to Gartner, 30% and 50% of all calls to the IT help desk are for password reset and request for access to an application, respectively. While resetting an employee password is a relatively easy task for the IT help desk, it is quite cumbersome due to the volume of password reset requests during working and non-working hours.

Password reset requests take priority over other requests that a help desk must handle. While that does not directly add to the cost, it adds to the amount of time taken to handle other business critical requests, resulting in lost productivity along the value chain.

Additionally, organizations with no in-house help desk support, generally, recruit a third-party to assist them with their IT help desk. Ongoing password reset requests being handled by the third-party help desk is an additional cost. Moreover, before resetting any new password the IT help desk must determine or verify the identity of the end-user. This burden only increases with manual password reset procedures. Also, until the employee’s password has been reset, the employee is incapable of logging in into his/her account and being productive for the organization.

What is the Solution?

There are two quick, reliable, secure and prompt solutions to manual password resets, Single Sign-On (SSO) and Self-Service Password Manager. SSO will allow any user to access all their apps from a single platform with a single set of credentials. Therefore, users wouldn’t need to remember multiple passwords for multiple apps. In such an event there is a greater chance that users will create a strong password, and even remember it. Therefore, an SSO solution helps to diminish the recurring password reset requests to the help desk.

On the other hand, a Password Reset Solution (like QuickLaunch Smart Password Manager) with self-service capabilities can enable a user to reset his/her own password, while following the security policies and guidelines for resetting passwords set by the organization. It does so by authenticating the user’s identity through multi-factor authentication (MFA) before allowing the user to reset his/her own password. The factors of authentication can include challenge questions, Email OTP, SMS OTP, Software Tokens (e.g. Google Authenticator), Hardware Tokens (e.g. YubiKey) and multiple other factors. Implementing a Password Reset Solution can downsize the password reset requests sent to the help desk.

Both SSO and Password Manager can help reduce the ongoing costs from password reset help desk requests. Besides reducing help desk costs, these solutions also enhance security and help increase the productivity of all users. It is therefore recommended to implement an SSO and Password Manager solution at your organization to save costs and ease the burden of the IT help desk as well as users.