Other tools can be used and the benefit would be the ability to link up with other software other then just ServiceDesk.
For password resets you could look at some like this.
We're thinking that we just let the end user reset their password and, if it works great, if it doesn't they can call us and we'll log a call as per usual. the information on the usage of this feature would be recorded in the Password Reset software's database. Linking with Event Manager to log calls seems like a good idea, but on closer inspection, I can't see why really. Unless you're going to proactively deal with the failures from a logged call
waiting to be convinced
Route the Incident to a security manager if authentication attempts exceeded. Depends on your 3rd party system but maybe raising a ticket linking authentication attempts to an IP/mac address (Courion I remember for example generated alerts in this "security breach" event) and assigning to the security manager to investigate.
And also just for convenience of reporting as well of having ITSM stats in one place helps too.
..and also by logging an Incident you can maybe extend the "experience" of the password reset workflow if the 3rd party tool itself doesn't do it; for example may be as simple as reminders (but most I'd hope would do that) or what about a Survey?
I think that where the business resource allow humans to get involved pro-actively it can be a great extension to self service password reset feature.
It looks like the reporting consolidation will be the thing that drives us as we need to make sure that we are still recording FCRs and providing SLA reports to customers in a consistent manner. This feels like a "tail wagging the dog" reason but when you consider that your statistics help to sell your business services, it's much more important than that now.
Thanks for your input