What Is a Password Reset Policy?

If you set up a password reset policy and activate it for a service, then users who access the login page for the service but have forgotten their password, can click on a link. The link takes them to a page where the system presents one or more questions for which the user has previously provided personal answers. After providing answers that match the stored answers, the user is presented with a page for entering a new password.

If a user has not yet entered any security question answers but has forgotten the password, then the user will not be able to log in. You can enable the user to get a new password by performing this configuration:

  • Adding a system property to the Primary Authentication Service.

  • Configuring an address for the return email ConfigurationParameter table for the GEN product line.

When this configuration is performed, if the user forgets their password, the system will send a new password to the user's e-mail address that is on record. The user can then log in but will first need to provide answers to the security questions.

The administrator defines the set of security questions and also defines how many of the questions the user must answer correctly before being allowed to reset the password.

Administrators can also force the resetting of a password. In that case, the user must go to the lsuserapp application to set up a new password.

Note: 

When a password is changed in a Landmark application, no synchronization with Lawson applications occurs. The change applies to the Landmark login only.