InSource Services Group

Password Best Practices (Agents Only)

Sample Use Cases:

  • User forgot password and unable to self-reset
  • User self-reset not successful
  • Inconsistent password login experience
  • New user without functioning password
*Warning: Do not share passwords in emails, tickets, or other forms of plain text.

Best Practices for Providing Passwords to Users (In order of Preferred Method)

  1. Over the phone/meeting tool: after resetting a user’s password, the most preferred method for providing the password to the user is over the phone, in Zoom, in Teams or some other accepted real-time collaboration tool. 
      • Ideally, please make the change when the user is already on the phone with the technician
      • If the user is unavailable at the moment, attempt to schedule a phone meeting (by email, chat or ticket) between the user and the technician who made the change. 
      • If the user and technician are unable to align a phone meeting time, schedule a time based on the user’s availability and assign the ticket to the CGU Desktop Support of the ISG team member to meet with the user and share the new password (or initiate another password reset at that time). 
  2. If Time Zone, international phone number or some other impediment prevents a personal, real-time meeting, use of OneTimeSecret to share the password with the user may be used, with specific access requirements, e.g. 24-hour expiration.
      • *Note – asynchronous password sharing should be done with an accepted contact point within PeopleSoft and/or Workday, e.g. email address, “home” email address, and/or primary or secondary phone number – verifying with user that the individual still has access to it. 
  3. If OneTimeSecret is unavailable, using LastPass to share the password would be another option.
  4. Encrypted Outlook email messaging is also available.
  5. Lastly, for those with severe technical skills impediments, use of obfuscation is needed:
    • Send password as a picture
    • Password protect an attached PDF or other file containing the password and share the password to the attachment with the user in an alternate way
    • Use additional characters to offset the password, e.g. xXx100%GoldxXx (password is between the X’s)
    • Any combination of the above. 
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.