You can configure the challenge response policy for a profile that a specific group of users must use for populating the response answers. You can define challenge questions on the Challenge Profiles page for different profiles.
An SSPR administrator can configure the random and required questions for the users to use for resetting their password. You can also configure random and required questions that any helpdesk person can use for authenticating the users to reset their password.
To configure challenge response, perform the following:
Click Profiles > Challenge Profiles
Click View > Always Show Advanced Settings.
Configure the following settings:
|
Field |
Description |
|---|---|
|
Challenge Profile Query Match |
Specify the query that matches users for the specified profile. |
|
Random Questions |
Set up random questions for challenge-response in this field. Users need to answer all or some of these questions while setting up their responses. Use %<text>% to indicate a user supplied question. Format of the question: question::minimumLength::maximumLength For example:
|
|
Required Questions |
Set up the required questions for challenge-response. The user must answer all these questions while setting up their responses. Users must provide answers to these questions during resetting process of forgotten password. Use %<text>% to indicate a user supplied question. Format of the question: question::minimumLength::maximumLength For example:
|
|
Minimum Random Required |
Specify the minimum number of random questions that are required at the time of forgotten password recovery. NOTE:If you modify this setting after the users have answered the challenge response then, users are prompted to answer the same number of challenge questions during Forgotten Password process instead of answering the modified number of challenge responses. But if the users clear the responses and answer the challenge response again then user is prompted to answer the modified number of challenge responses. |
|
Minimum Random Challenges Required During Setup |
Specify the minimum number of random questions the user is required to answer during the response setup. If the specified number is higher than the available random questions, or lower than the Minimum Random Required value, this setting is adjusted accordingly. The random challenge questions are shown to users in two different scenarios: during initial setup and during forgotten password recovery. Specify zero to force all available random questions to be configured at the time of setup. |
|
Helpdesk Random Questions |
Set up helpdesk random questions for challenge-response in this field. Users must answer all or some of these questions when setting up their responses. This setting is controlled by the Minimum Helpdesk Random Challenges Required During Setup setting. The helpdesk users can access the questions and its responses. These questions are not used for forgotten password recovery. Use %user% to indicate a user supplied question. Format of the question: question::minimumLength::maximumLength Where, question is the text of the challenge question, minimumLength is minimum field length and maximum length is maximum field length. For example,
|
|
Helpdesk Required Questions |
Set up helpdesk required questions for challenge-response. Users must supply answers for all of these questions when setting up their responses. Use %user% to indicate a user-supplied question The helpdesk users can access the questions and its responses. These questions are not used for forgotten password recovery. Format of the question: question::minimumLength::maximumLength Where, question is the text of the challenge question, minimumLength is minimum field length and maximum length is maximum field length. For example,
|
|
Minimum Helpdesk Random Challenges Required During Setup |
Specify the minimum number of helpdesk random questions the user is required to answer while setting up the response. If this number is higher than the available helpdesk random questions, or lower than the required questions, the setting is adjusted accordingly. Specify zero to force all available helpdesk random questions to be configured at time of setup |