If Web Portal users forget their password, they can login in to the Password Reset Portal with the help of the password questions and set a new password.
Required configuration keys:
-
Login with password questions (EnablePasswordProfileLogin): Specifies whether users can login by answering their password questions.
-
Password questions can be managed (VI_MyData_MyPassword_Visibility): Specifies whether users can manage their password questions and answers.
To configure password questions
-
Log in to the Administration Portal (see Logging in to the Administration Portal).
-
In the navigation, click Configuration.
-
On the Configuration page, in the Show configuration for the following API project drop-down, select the Password Reset Portal API project.
-
Expand the Login with password questions configuration key.
-
Select the Login with password questions check box.
-
On the Configuration page, in the Show configuration for the following API project drop-down, select the Web Portal API project.
-
Expand the Password questions can be managed configuration key.
-
Select the Password questions can be managed check box.
-
Click Apply.
-
Perform one of the following actions:
-
If you want to apply the changes locally only, click Apply locally.
-
If you want to apply the changes globally, click Apply globally.
-
-
Click Apply.
-
Start the Designer program.
-
Connect to the relevant database.
-
Configure the following configuration parameters:
TIP: To find out how to edit configuration parameters in Designer, see the One Identity Manager Configuration Guide.
-
QER | Person | PasswordResetAuthenticator | QueryAnswerDefinitions: Specify how many password questions and answers users must enter. Users who do not enter enough or any questions and answers, cannot log in to the Password Reset Portal using their password questions.
NOTE: The value must not be less than the value in the QueryAnswerRequests configuration parameter.
-
QER | Person | PasswordResetAuthenticator | QueryAnswerRequests: Specify how many password questions users have to answer before they can log in to the Password Reset Portal.
NOTE: The value must not be higher than the value in the QueryAnswerDefinitions configuration parameter.
-
QER | Person | PasswordResetAuthenticator | InvalidateUsedQuery: Specify how many new password questions and answers users must enter after they have successfully logged in to the Password Reset Portal. If this option is enabled, correctly answered password questions are deleted after logging in to Password Reset Portal.
-