How to configure the Question & Answers for Forgotten Password in the Identity Manager
search cancel

How to configure the Question & Answers for Forgotten Password in the Identity Manager

book

Article ID: 254574

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Portal CA Identity Suite

Issue/Introduction

How to configure the Question & Answers for Forgotten Password in the Identity Manager

Environment

Identity Manager 14.x (vApp and non-vApp)

Resolution

1 - First confirm that you have the Logical Attributes from Question1..5 and Answer1..5 in the Identity Manager Management Console

Home > Environments > <Your_Environment> > Advanced Settings > Logical Attribute Handlers > ForgottenPasswordHandler.

 

2 – From Identity Manager UI, we need to add the Q&A in the “Modify My Profile” so the user can add their Q&A by themselves.

From the menu, select Roles and Tasks > Admin Tasks > Modify Admin Task

Search for “Modify My Profile”, select it and select the Tabs tab, and edit Profile

 

Click the Browse button from the “Screen” field, “My User Profile” and click the Edit button “My User Profile”

 

Click the Edit button to edit the “My User Profile” screen

 

Select Add 5 rows of 2 fields, to add the 5 questions and 5 answers fields

 

You will see the new fields.

 

Select all those new fields and hit the Split button to have each one in one row.

 

 

Now you need to edit each field with its respective Question1 and Answer1 until Question5 and Answer5, below the Question1 and Answer1 fields

 

Click Apply for each field and after setting all fields, click the Ok, Select, Ok, and Submit buttons to save the changes.

 

After setting all fields, you will have the following result.

Below while using the Modify My Profile Admin Task.

 

Note: Each user must log in and select the menu “Home” > “Modify My Profile”

Above is a sample, you can type any information you want.

 

3 – Now we need to set up the Forgotten Password Admin Task to display the Q&A, we will follow the documentation, see Additional Information, “Display Multiple Verification Questions At One Time”

Edit Admin Task “Forgotten Password” and select the Search tab

Hit the Edit button for “Forgotten Password Search”

 

That’s how the configuration should be seen after the changes

Remember to set the “Number of questions” and “Number of acceptable incorrect answers”

 

Below is how the “Forgotten Password” link should be displayed after clicking on it on the login screen.

You need to enter the Answer to the current question and hit the Ok button and the screen will ask for the next Answer which depends on the number of questions you defined.

Additional Information

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/configuring/user-console-design/self-service-tasks/configure-the-forgotten-password-reset-forgotten-user-id-and-one-time-password-tasks/design-verification-screens.html