Lieberman Software
Follow us on Twitter  Follow us on LinkedIn  Blog  Lieberman Software on YouTube                                                                                                                                                               April 2012

Top of Mind

Lieberman Software: More Than a Privileged Identity Management Vendor

Philip  Lieberman, President & CEO
Lieberman Software

As a company, we have always had two product lines. One set of products are targeted towards IT administrators and the tools they need and use regularly, i.e. User Manager Pro, Service Account Manager and Task Scheduler Pro.

We also develop and offer privileged identity management products such as Enterprise Random Password Manager that are targeted towards information security executives that are looking for a cost-effective, audit-ready solution that deploys quickly.

Our company also makes a few products that bridge the gap between IT administrator tools and Enterprise Privileged Identity Management. This month I would like to talk about one of these lesser known, but very cool and useful products.

Account Reset Console – Self-service password reset on steroids

Imagine a product that allows your users to reset their forgotten Windows passwords or expired Windows passwords from their desktops or from any web browser by answering a few questions to confirm their identity. That feature by itself would be useful, but we also add the ability to get these confirmation questions from any database (think HR database, spreadsheet, or other data store). Questions and answers can also be authored by the user themselves.

Like every other product we make, going deep into the needs of the help desk, auditors, and regulators is where we shine. In Account Reset Console, we have implemented automated warnings to users that their password ages are excessive and their accounts will be disabled if they don’t change them in time. Warnings go out not only to the users, but also to the managers.

Automatic Lockout of Unmanaged Accounts

Should a user fail to change his/her account password in the required period of time, the account can be automatically locked out until its password is changed and brought into compliance (i.e. attestation of ownership). All of this work is automated.

Auditors can produce reports of accounts in/out of compliance and prove that abandoned and improperly managed accounts are automatically disabled by Account Reset Console.

BYOD – Password Reset of Domain Accounts

With employees bringing in their own web based devices, they may neglect their Windows Domain Account password changes and find themselves locked out of domain account based applications that are exposed via the web. With Account Reset Console, you can allow users to regularly reset their domain accounts using any web browser.

History of Account Reset Console

We first starting shipping Account Reset Console in 2005 and have been regularly updating it to handle newer operating systems such as Vista, Windows 7, Server 2008, Server 2008R2 and the upcoming Windows 8 operating systems.

At the end of last month we released a major rewrite of our Account Reset Console product known as version 6.0.1. This latest version is a complete rewrite of the product using ASP.NET with more attractive user interface elements, improvements in speed as well as updated RSA SecurID multi-factor authentication. We also improved the support of 64-bit clients.

The initial pricing on Account Reset Console for this latest release is very attractive with a per-user price of about $5/user with a minimum purchase of a 400 user pack. If you want us to set it up for you, we only charge $1500 in professional services to configure the product. It takes less than a day and is done via a LiveMeeting connection/reverse demo.

Installation of the product and configuration is a breeze (usually it can be done in less than one hour) and the back end database can be just about anything such as Microsoft SQL Server, Oracle 11g or other database. We even support multiple concurrent databases.

Free Trial

You can try out the new version for 30 days for 100 users at no charge. There is nothing proprietary about our software and you can download and read our full Account Reset Console documentation here. You can run the software on a workstation (not a lot of concurrent reset requests via the web) with the free version of SQL Server Express, or scale up to Microsoft Server 2008 R2 with a real clustered database for heavy duty work. The price for our product is the same in either case, and you can migrate between hosts and databases as needed.

Try It, You'll Like It!

Set up in less than an hour, not proprietary, password resets via the desktop logon screen or web interface, and a killer price. What could be better?

Next Month: Transparent user password synchronization between all versions of Windows and all types of trust models (include no trusts). Imagine having the same account in multiple servers, domains, and Windows operating systems and keeping everything in sync just by changing the password in one place. We wrote this product in 1998 for Windows NT and IBM OS/2 and now it works up through Windows 8 Server (beta).

What do you think? Email me at: You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.

What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:
  • Identity Week is a Finalist for Network Products Guide Best IT Blog. The Identity Week team is thrilled to announce that Network Products Guide, one of the industry’s leading technology research and advisory guides, has named our blog a finalist for the 7th Annual 2012 Hot Companies and Best Products Awards in the “Best IT Blog” category...
  • Government Agencies and Corporations at Risk from Global Hactivist Threat. I’m still getting quite a lot of inquiries regarding hactivism, or the use of computers and computer networks as a means of protest to promote political ends. It’s important to be very clear on this subject because it can muddy the waters between legitimate political activity and political activity which has potential to cripple businesses... 

Events / Press / Analysts
  • Privileged Identity 101: Digging for God-Like Accounts. Tek-Tips Forum. When I think about managing identities and privileges within an organization, one of my favorite analogies for the whole privileged identity lifecycle is biblical. Everything starts ‘in the beginning’ with a super user.  Whether someone starts with a server or a workstation, creates on-premise solutions for their network infrastructure or builds out a cloud, they’ll always have to start out with an account with god-like power that will control all other accounts accessing that resource going forward in the future.
  • Are security basics getting lost under the cover of cloud and mobile? SC Magazine. I spoke to Phil Lieberman, president of Lieberman Software, who told me that every company his firm has engaged with has well-known accounts and passwords -- such as “guest” and “root” -- and these accounts and passwords are generally used each and every day without question.

Tech Tip of the Month

Clustered Services Support

When IT administrators change credentials or restart a Windows Service that’s part of a clustered service, unexpected problems can occur - like data corruption of unintended failover actions. Fortunately Service Account Manager can recognize and properly handle services in cluster resources. Here’s how.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.
Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
           |    (01) 310-550-8575  |