SSPR: simplifying password management… and more!
Although the SSPR acronym might suggest that self-service is limited to password renewal, in reality it must encompass all strong authentication methods used to enable access to the information system.
There are many use cases: forgotten, lost or stolen physical authentication media such as chip cards, contactless badges, FIDO2 keys; empty batteries on telephones using MFA authentication mobile applications; problems with (dirty, wet or faulty) biometric sensors preventing fingerprint recognition, etc.
It is vital to have a “Backup mode” for unlocking users who do not have their main authentication method, whatever it may be, in their possession.
So, in the case of a forgotten password, the solution should enable a user to reset their primary password, while if they forget their physical medium, it should allow them to set a temporary password.