Just curious what your guys' solutions are to this issue. User needs PC reimaged or worked on and Service Desk needs to login as the user to setup the profile for them. Obviously the user giving out their password is not secure and the organization compromises security and accountability. The other option I've seen is resetting the user's password to something temporary so both the SD and user knows the password for the time being, then they force them to change it after. This of course will make the user login again to any other devices that they may have (phone, tablet, etc.). Is the latter pretty standard or are there better and more secure options?