How Are Password Reset Policies and Questions Defined?
The administrator creates password reset policies that define how, or whether, a password can be reset. These policies also specify whether questions will be asked of the user and how many questions are required. Password reset policies can be independently defined and linked to one or more services within the system.
The administrator can define a set of security questions that are presented to the user for validation when a password is forgotten. Application users enter answers to these questions when they first log in to the system. Their answers are stored and compared to answers they provide again when they need to reset their password.
Security questions must be assigned to a service in the system when they are created, but they do not have to be active (enabled).
To configure a password reset policy, including a set of security questions to verify the user, complete these steps:
-
Add the GenPwd service property to the Primary Authentication Service so that the system will generate new passwords for users if needed.
-
Add an e-mail address as a configuration parameter to the GEN product line so that there is a return e-mail address for the e-mails that are sent to users when they need a new password.
-
If necessary, modify role/security class assignments. This is needed, for example, for suppliers in Infor Lawson Supply Chain Management Applications. See your Landmark application installation guide for more information.
-
Create a password reset policy and enable the security questionnaire for that policy.
-
Define a security questionnaire by creating a set of security questions that are flagged as "active".
-
Map the questions to the reset policy by specifying the service for each security question.
-
Assign the password reset policy to the appropriate services.