Set Up Security Questions for a User

Prerequisites: To fully configure the authentication policy, the following permissions are required:
  • Update authenticator expiry threshold.
  • Extend authenticator valid period.
  • Update memorable data authenticator status.

If some are missing, then either this page will not be displayed, or only partial configuration is possible (that is, when segregation of duties is required).

If you have none of these permissions, the authenticator status will be set to “Disabled” by default.

  1. Follow the steps in Search for Users to search for the user.

  2. In the user’s Details page, select the Wallet tab.

  3. Click Set up Security Questions.

  4. From the drop-down list, select the Authentication Policy and click Next.

  5. Ask the user for their answers to the Security Questions and enter them into the relevant field.

    6. Note: This illustration shows the Set up Security Questions page displayed after selecting an authentication policy that has a Security Questions group consisting of ten prompts. Of the settings derived from the authentication policy, you can only change the validity period for the authentication record.

    The number of prompts (in this example, three) for which you must enter responses to create the authentication record is defined at the top of the list of prompts.

    • If you create an authenticator that requires the user to authenticate by giving the correct response to one Security Question prompt, then when the user attempts to authenticate, he will always be requested to provide the correct response to that one prompt.
    • If you create the authenticator by entering responses to more than one prompt, then when the user attempts to authenticate, he will be requested to provide the correct response to one of the prompts (selected at random) for which you have entered responses.

  6. Click Next.

  7. Modify the attributes of the authentication policy, if necessary.

  8. Click Save.