To utilize the Password Reset Portal, it must be installed as a dedicated web application. The necessary security is guaranteed by multi-factor authentication.
To utilize the Password Reset Portal, it must be installed as a dedicated web application. The necessary security is guaranteed by multi-factor authentication.
Configuration parameter |
Description |
---|---|
QER | Person | PasswordResetAuthenticator | ApplicationToken |
Sets a application token for the Password Reset Portal. |
During installation, you will be prompted to enter an application token. This application token functions like a password, which the web application uses to authenticate itself on the database. This ensures that the password can only be reset by the web application assigned for the purpose.
To install the Password Reset Portal
After selecting the web project, you are prompted to enter an application token.
The application token is saved as a hash value in the database in the QER | Person | PasswordResetAuthenticator | ApplicationToken parameter and stored encrypted in the web.config file.
Authentication on the Password Reset Portal differs from authentication on the Web Portal. Users can log in to Password Reset Portal using the following options:
Login Type |
Authentication Module Used |
Application (QBMProduct) |
---|---|---|
Login with passcode. |
Password reset (role-based), read-only. |
Password reset, read-only. |
Login using a secret password question. |
Password reset (role-based), read-only. |
Password reset, read-only. |
Login with user name and password. |
Specified in the web application configuration. |
Specified in the web application configuration. |
If Web Portal users forget their password, they can login in to the Password Reset Portal with the help of the password questions and set a new password.
To configure the use of password questions.
Start the Designer program.
Connect to the relevant database.
Configure the following configuration parameters:
TIP: To find out how to edit configuration parameters in Designer, see the One Identity Manager Configuration Guide.
QER | Person | PasswordResetAuthenticator | QueryAnswerDefinitions: Specify how many password questions and answers users must enter. Users who do not enter enough or any questions and answers, cannot log in to the Password Reset Portal using their password questions.
NOTE: The value must not be less than the value in the QueryAnswerRequests configuration parameter.
QER | Person | PasswordResetAuthenticator | QueryAnswerRequests: Specify how many password questions users have to answer before they can log in to the Password Reset Portal.
NOTE: The value must not be higher than the value in the QueryAnswerDefinitions configuration parameter.
QER | Person | PasswordResetAuthenticator | InvalidateUsedQuery: Specify how many new password questions and answers users must enter after they have successfully logged in to the Password Reset Portal. If this option is enabled, correctly answered password questions are deleted after logging in to Password Reset Portal.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center