Chat now with support
Chat with Support

Password Manager 5.13.2 - Administration Guide

About Password Manager Getting started Password Manager architecture
Password Manager components and third-party applications Typical deployment scenarios Password Manager in a perimeter network Management Policy overview Password policy overview Secure Password Extension overview reCAPTCHA overview User enrollment process overview Questions and Answers policy overview Password change and reset process overview Data replication Phone-based authentication service overview
Management policies
Checklist: Configuring Password Manager Understanding Management Policies Configuring access to the Administration Site Configuring access to the Legacy Self-Service Site or Password Manager Self-Service Site Configuring access to the Helpdesk Site Configuring Questions and Answers policy Workflow overview Custom workflows Custom activities Legacy Self-Service or Password Manager Self-Service Site workflows Helpdesk workflows Notification activities User enforcement rules
General Settings
General Settings overview Search and logon options Importing and exporting configuration settings Outgoing mail servers Diagnostic logging Scheduled tasks Web Interface customization Instance reinitialization Realm Instances Domain Connections Extensibility features RADIUS Two-Factor Authentication Internal Feedback Password Manager components and third-party applications Unregistering users from Password Manager Bulk Force Password Reset Fido2 key management Working with Redistributable Secret Management account Email templates
Upgrading Password Manager Administrative Templates Secure Password Extension Password Policies Enable 2FA for administrators and helpdesk users Reporting Password Manager integration Accounts used in Password Manager Open communication ports for Password Manager Customization options overview Feature imparities between the legacy and the new Self-Service Sites Third-party contributions Glossary

Helpdesk Activities Overview

All activities available in the helpdesk workflows fall into the following categories: authentication, actions and notifications.

Authentication activities are a group of activities that provide different authentication options, for example authentication with Questions and Answers profiles, or phone-based authentication.

The actions category includes activities that are core components of the helpdesk workflows, for example, Unlock Account, Assign Passcode, and other activities.

Notification activities are activities that you can use to configure email notifications for users and administrators, and specify conditions under which the notifications should be sent.

The following sections describe the helpdesk activities and provide information about the settings specific to each activity.

Authentication activities

This section describes workflow activities that provide different authentication options.

Authentication methods

Use this activity to select which authentication methods to display in the User site. The three types of authentication methods available to select for the administrator are as follows:

  • Security Questions

  • Corporate Authentication

  • Personal Email

IMPORTANT: The administrator can select any of the activities selected in the registration method, to make it default mode for authentication for the users on the User site. Select one of the settings radio buttons from the right side to make it default authentication method.

NOTE: Consider the following when selecting an authentication method:

  • When the administrator select registration method(s), only the respective authentication methods are visible to the administrator in Authentication methods. See Register.

  • If the Administrator has selected Allow user to edit corporate details in corporate authentication of registration mode, a user cannot update the corporate email and corporate mobile number, if they are already populated.

Security Questions

Use this activity to authenticate a user with the personal Questions and Answers profile. In this activity, the administrator can specify how many questions from the Questions and Answers profile the user must answer for authentication.

Corporate Authentication

Use this activity to authenticate a user with a mobile device. There are two methods to authenticate the users using a mobile device.

  • Authenticate with RADIUS Two-Factor Authentication: See Authenticate with RADIUS Two-Factor Authentication.

  • Authenticate via Phone: See Authenticate via Phone.

Personal Authentication

Use this activity to authenticate a user with email or SMS. The email address and phone number used is registered by the user in Register or in Manage My Profile workflow.

Authenticate via Passcode: Use this activity to authenticate the users with a passcode. The administrator can configure passcode length and expiry time limit for the passcode.

Authenticate with Q&A Profile

Use this activity to authenticate a user with a personal Questions and Answers profile. In this activity you can specify mandatory and helpdesk questions from user’s Q&A profile that a user must answer to be authenticated.

IMPORTANT: If the questions you selected in this activity are not found in the user’s Q&A profile, the user will not be authenticated and the workflow containing this activity will not be performed for this user.

You can select one of the following authentication methods:

  • Answers to the specified questions (user’s answer is shown): In this mode, a helpdesk operator will ask the user for complete answers to the specified questions, then compare them to the answers displayed on the identity verification page.

    IMPORTANT: This option cannot be used if user answers are not stored using reversible encryption. To store answers using reversible encryption, select the corresponding option in the Q&A profile settings.

    NOTE: By default, the answers on the Verify User Identity page are not displayed. To display the answers, you can clear the Hide my answers for security purposes check box on the Verify User Identity page.

  • Answers to the specified questions (user’s answer is not shown): In this mode, a helpdesk operator will ask the user for complete answers to the specified questions, and enter the answers on the identity verification page.

    NOTE: By default, the answers on the Verify User Identity page are not displayed. To display the answers, you can clear the Hide my answers for security purposes check box on the Verify User Identity page.

  • Random characters of answers to the specified questions: In this mode, a helpdesk operator will ask the user to tell the specified number of characters in the user's answer to a specified question, then type in those characters in the appropriate positions on the identity verification page.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating