Password Reset Server’s most recent upgrade to 3.2 gives greater control over the identity verification process by allowing administrators to define which questions users must answer correctly.
Now, verification questions can be marked as Optional, Required or Grouped.
Administrators can now mark specific questions as Required, meaning that users will have to provide correct answers to required questions during enrollment and will have to answer the questions correctly during a password reset.
Questions can also be marked as Grouped. This will display all questions in the group during a password reset, but the user only has to answer one of the grouped questions correctly. This option is especially useful for companies requiring multifactor authentication, as it gives users the option to choose the multifactor method of communication works best for them at the time.
Here’s how this can work: Set three multifactor questions Grouped: email, SMS and phone. During enrollment, the user will be required to enter their email, SMS and phone numbers. Then during a password rest, the user can choose which multifactor question to answer correctly, so if they are only able to access email at the time, they can answer the email verification question correctly.
Security Policy question configuration: Three multifactor questions are marked as grouped (required 1 correct answer out of 3), an image question is required, and the user will choose two of the optional questions to answer during enrollment.
Questions during enrollment: Required questions are marked with an exclamation point (!) and optional questions can be selected from the drop-down menus.
For a chance to see the new features in action, join us for our webinar this Thursday, April 17 at 11:30 a.m. EDT!