question

JeremyHawks-3434 avatar image
0 Votes"
JeremyHawks-3434 asked TeemoTang-MSFT commented

Ability to adjust password reset link on the Windows 10 sign-in screen

Hello, I work for a college and we are considering using the Okta self-service password reset tool for our employee and student Active Directory accounts, but Okta does not have an agent that can be deployed to allow access to reset passwords from the Windows 10 sign-in screen.

So we either need to deploy a number of kiosks that automatically login and take the user to the Okta password reset website or we need to find an application that allows us to modify the "forgot my password" link so that it can open a secure browser to the Okta password reset website.

I know that something like this is possible as we currently use the Quest Password Manager self-service password reset solution and it includes an agent that modifies the "forgot my password" link to open their password reset solution from the Windows 10 logon screen, and I have seen other password reset solutions have similar tools as well.

Does anyone know of a tool that allows us to open a locked down browser (no address bar or navigation tools, just the content of the specified password reset site) where we can specify the home page it opens?

For example, if you click on the "Forgot my password" link, it opens an instance of the Edge browser in kiosk mode (with no navigation tools other than the close button which closes the browser and returns you to the sign in screen) that immediately opens the https://passwordreset.collegesite.com page that allows the user to reset their password. When they are done, they simply click the "X" button to close the browser window, which returns them to the logon screen where they can login using their newly reset password.

Thanks for the help,

Jeremy Hawks

windows-10-security
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If you resolved it using our solution, please click "Accept Answer" on a reply to help other community members find the helpful reply quickly.
If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

0 Votes 0 ·
JeremyHawks-3434 avatar image
0 Votes"
JeremyHawks-3434 answered TeemoTang-MSFT commented

Thanks for trying, but how do I launch the kiosk browser from the login screen? The user is not able to login, so the kiosk browser would need to launch when ever the "forgot my password" link is clicked.

For example, I know it is possible to swap the function of the "Ease of Access button" on the sign-in screen to launch a screen recorder so that you can screenshot the sign-in screen, so theoretically I could have it launch a browser in kiosk mode, but that is not an intuitive option for when you need to reset your password (no one would click on it if they were not told directly to do so) and it would remove the ability to access the ADA options like the narrator function which would be unacceptable for us as we have students that require that ability.

Is there a method of making the "forgot my password" link launch an app? If there is, I can have it launch a browser in kiosk mode, but I don't see any option for that.

If not, then I guess I am out of luck until Okta comes up with their own app to modify that link.

Thanks.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

“Is there a method of making the "forgot my password" link launch an app?”
Unfortunately, no.
The behavior of “forgot my password” is by design, we can’t change it.

0 Votes 0 ·
TeemoTang-MSFT avatar image
0 Votes"
TeemoTang-MSFT answered

Hi Jeremy,

There is not a Windows built-in feature/function can achieve your goal:
Opens an instance of the Edge browser and redirect to a specific website in kiosk mode when user click Forget my password on lock screen.
It is so Intelligent for current sign-option now, maybe Microsoft can develop this function in future, but now we cannot make it. Quest Password Manager self-service password reset solution and similar tools should be the workaround.
Thanks for understanding.


If the Answer is helpful, please click "Accept Answer" and upvote it.
Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JeremyHawks-3434 avatar image
0 Votes"
JeremyHawks-3434 answered

While it would have been great if there was a Windows built-in feature/function, I wasn't expecting it. I was hoping that someone knew of a third-party solution that could work for us.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TeemoTang-MSFT avatar image
0 Votes"
TeemoTang-MSFT answered

From my experience, start Internet Explorer in kiosk mode can only meet a part of your demand. Starts Internet Explorer in kiosk mode. The browser opens in a maximized window that does not display the address bar, the navigation buttons, or the status bar.
https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/general-info/hh826025(v=vs.85)?redirectedfrom=MSDN

Since you ask for a third-party tool for help, specific browser or development forum might be a better place, I found out a case on .net forum for you.
Disable Address Bar of major browsers (Chrome, IE and firefox)
https://forums.asp.net/t/1930156.aspx?Disable+Address+Bar+of+major+browsers+Chrome+IE+and+firefox


If the Answer is helpful, please click "Accept Answer" and upvote it.
Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.