Managing Security Questions Authentication

Security Questions User authentication by validating responses to defined security questions, such as the user’s mother’s maiden name, a personally notable date, or the make of the user’s first car. authentication enables a user to authenticate by providing predefined responses (that is, answers) to a set of prompts (questions), such as a childhood nickname, or the color of their first car.

You define the prompts when you specify a Security Questions prompt group (a set of relevant prompts) per authentication policy. When you configure a Security Questions authenticator for a user as an instance of an authentication policy, you register the answers provided by the user to a required number of the prompts from the group.

When the user tries to authenticate using that authentication record, only the prompts for which the user has provided answers are presented.

As a Help Desk operator, you can add and edit the user's responses, as well as manage the associated authenticator.

The following data is required to create a Security Questions authentication record for a user:

  • Answers – the user’s response(s) to the security question prompt(s) displayed.

  • The authentication policy you select to create the authentication record governs the prompts that are displayed and the number of prompts for which you must enter responses to create the authenticator.

  • The Validity from which the authenticator will be valid for use in the dd/mm/yyyy format. The default value is the current date.

  • The Status of the authenticator (Enabled or Disabled).

    By default, Enabled is selected. If set to Disabled, the user will not be able to authenticate using this authenticator.

  • The Maximum number of successful authentications allowed by the user using this authentication record before they must change their password.

Topics in this section