What is ARKSSPR

ARKSSPR (All Versions)

ARKSSPR is a portal that enables users in the Active Directory environment to manage their own passwords. Users can change and reset their password, and unlock their account through the portal without needing the help of an administrator. While performing these operations, secondary verification and captch verifications can be used in all steps. In this way, security measures are used to verify identity and prevent bot transactions.

What's New in ARKSSPR 2.0

DMZ Support

DMZ: Designed for access by Internet users only. It directs incoming requests on the Internet to the Internal ARKSSPR server like a proxy and forwards the response to the user. It has no business logic. Even if you have administrative rights on this screen, administrative screens will not open. Access to the Internal system is required to open administrative screens.

Internal Installation: It is used only for access by users in the internal network. Although not recommended, it can also be used for Internet access in environments where there is no physical DMZ network. With Internal ARKSSPR, users can manage their passwords and accounts, while administrators can manage ARKSSPR and report.

My Account

Users can perform operations such as changing passwords and determine secondary verification options from the My Account window.

2FA Support with

SMS: A secondary verification code can be sent via ARKSSPR with the SMS provider information used by the company, and users can securely perform password and account operations via ARKSSPR.

Secondary E-Mail: Secondary verification code for password and user account operations can be sent via E-Mail. After logging into the system, users can enter an e-mail address of their choice and use it to send a secondary verification code. In future versions, administrators will be able to make bulk entries using the csv file import.

Authenticator: Secondary verification code for password and user account operations can be generated through Authenticator software that can be installed on mobile phones. After logging into the system, users can start using the authenticator software they want by registering.

Password History Control (for AD environments)

For ARKSSPR password change and reset operations, at least Active Directory password policies apply, and a higher password policy can be determined through administrator settings. However, these policies are only for operations to be made through ARKSSPR.

Reporting

All password and account operations performed through ARKSSPR are recorded in the database. Operations performed with various reports can be viewed. The number of reports and formats will continue to be improved and increased in subsequent versions. It is possible to send reports periodically to a specified e-mail address.

  • Login Report

  • Password Change Report

  • Password Reset Report

  • Unlock Report

  • General SSPR Report

Role management

With to role management, ARKSSPR managements can be delegated. While members of the Administrators group can manage the entire system, the Report Operator can only see reports. The Restricted User role is used to define users and groups that cannot perform password and account operations on ARKSSPR.

Multi-Domain support

Password and account management operations are supported for multiple Active Directory domains.

Data grooming

The legal data retention period for the company can be adjusted under grooming. After this period, any remaining data will be automatically cleared from the database.

Syslog support

With supported RFC3164 and RFC5424 formats, Syslog messages can be automatically forwarded to syslog servers. In future versions, the data to be sent will be classified and the types of data sent will be made rule based.

Random password generation engine

For the convenience of users, there is a password generation button that can be accessed from every point of the product. This password is not stored anywhere. If desired, the generated passwords can be used.

Captcha support

Captcha technology, which is seen as proof that the activities are not carried out by robot software, can be used selectively at every point of the product.

Blacklist support

With a file that can be uploaded by the system administrator, passwords that are not intended to be used in password operations via ARKSSPR can be determined. It does not affect password operations made outside of ARKSSPR.

Screen customization

With ARKSSPR 2.0, system administrators will be able to customize the screen without the need for any additional development. Logo, favicon, background, and title information, which can clearly contain company information on the screen, can be made in screen customization. Additionally, menu background and text colors can be adjusted.

Ticket management

The support screen has been integrated so that end users who have problems with password or account operations can open a ticket regarding the problem they are experiencing. API endpoint support that can be integrated with external help desk software will be added in future versions.

Turkish and English language support

ARKSSPR has Turkish and English language support. With flexible structure, other language support can be quickly added upon request.

RegEx Support in Password Blacklist

By creating regex templates, system administrators can prevent users from providing simple or predictable passwords when changing their passwords via ARKSSPR.

International Phone Support

There is international normalization support for phone numbers to which SMS will be sent.

Last updated