We would like to develop an Active Directory password reset solution for our company; this will enable our AD users to reset their own password if they forget it.
We have approximately 500 users and have been asked by our management team to reduce the number of helpdesk calls for password reset. To ensure security we have been asked to design an in house product rather than use a commercial solution.
Our users will register in the system and be asked a number of questions which will later be used to identify them. Users will also be issued with cards which are printed with a serial number and one-time passwords to use during the reset process.
When the user needs to reset their account they will have to answer these questions correctly and enter the one-time password, then they are able to specify a new active directory password.
We would like a secure, but also very simple solution which is quick to code and implement.
## Deliverables
Please see attached file for project spec.