Self Service Password Reset provides different security settings for the security of the users’ information and passwords it manages. Ensure that you configure the security for Self Service Password Reset because it manages your users’ credentials.
Self Service Password Reset allows you to increase the security of the application through using security keys, reverse DNS, and the length of the sessions.
If you have imported the remote TLS connection certificates in to Self Service Password Reset, you can change how Self Service Password Reset reads the certificate. By default, Self Service Password Reset imports the entire remote TLS certificate chain into the configuration. At the time of connection, Self Service Password Reset reads the remote TLS certificate chain and compare all presented certificates with the stored configuration and allow a connection only if all certificates match. Self Service Password Reset allows you to change the configuration to have Self Service Password Reset only compare and match the Root CA Certificate to the Root CA Certificate in the Self Service Password Reset configuration.
To configure the security settings:
Log in to Self Service Password Reset at https://dns-name/sspr as an administrator.
In the toolbar, click your name.
Click Configuration Editor.
Click Settings > Security > Application.
Follow the help to configure the application security settings.
In the toolbar, click Save changes.
Self Service Password Reset is a web application. It provides a number of settings to help you increase the security of the communication over the web and to protect against web attacks. Use the following setting to help increase the security for the web communications.
Log in to Self Service Password Reset at https://dns-name/sspr as an administrator.
In the toolbar, click your name.
Click Configuration Editor.
Click Settings > Security > Web Security.
Follow the help to configure the web security settings.
In the toolbar, click Save changes.