6.0 Performing Password Management

Identity Manager 4.5 includes Self Service Password Reset (SSPR) to help you manage the process for changing passwords and resetting forgotten passwords. SSPR provides enhanced security. The user gets authenticated through a series of questions and answers known only to the user. During password reset, SSPR uses a challenge-response authentication method to authenticate the user. You can store the challenge-response information in the back-end directory, external database, or internal database. Users can change their password and reset any forgotten password by using the configured challenge-response information. For more information about SSPR features, see the NetIQ Self Service Password Reset Administration Guide.

The installation process enables SSPR by default when you install or upgrade to the latest version of Identity Manager. In a new installation, SSPR uses a proprietary protocol for managing authentication methods. However, after an upgrade, you can instruct SSPR to use the NetIQ Modular Authentication Services (NMAS) that Identity Manager traditionally used for its legacy password management program.

SSPR is the default option for managing passwords. If you need to use the legacy password management method or a third-party program for managing forgotten passwords, see Using Self Service Password Reset for Forgotten Password Managementin the NetIQ Identity Manager Setup Guide.This section tells you how to use SSPR with Identity Manager and the legacy password management method. Topics include:

NOTE:This section describes the default features of the password management. You might encounter some differences because of your job role, your level of authority, and customizations made for your organization. Consult your system administrator for details.