How do you handle them? We all know that they account for a fair chunk of any IT dept's workload (our's included) and so we're looking to implement a better solution to the one we currently have so that users can sort out these issues themselves via authenticating themselves through a series of security questions that they give the answers to during the initial account creation process.

We have several large open-access student PC areas (we're a Uni) and one idea I had was to place a PC in that area dedicated to self account / password resets. We already have a website where students can reset their passwords but that assumes they can access the internet which some onsite students obviously can't for whatever reason.

I'm sure there must be some off the shelf solutions for this but haven't looked yet.

Any thoughts?

Biometric finger print scanner with retena scanner.

That was my second idea. :thumbs:

Would it not be easier to slacken off your lock out criteria? Or even impliment a lock out time period, SBS2008 does this by default and it seems to work well in a couple of offices I have configured.

Account is unlocked after, say, 2 hours of lock out?

I'm thinking more along the lines of resetting forgotten passwords.

Our account policy is already fairly relaxed but we'll be upgrading the schema to 2008 soon so we can have multiple account policies - one for staff and one for students.