Setting up security questions | Aranda PassRecovery V8

As part of the setup process, the end user must record the security questions and answers that they want to associate with their identity. The minimum number of questions required for authentication is predefined by the administrator from the admin console.

These questions will be configured only once – or again if the administrator deletes them or modifies the required amount – and are requested at the user’s first login to the tool Aranda PassRecovery.

To perform this configuration, follow these steps:

1. Log in to the ASDK User Console 'https://{domain}/USDKV8/', select the domain you want to authenticate with, and click the Forgot your password?.

2. The Aranda PassRecovery in a new tab. Enter your username and click the Continue.

3. Regardless of whether or not the user is associated with self-service, and whether or not they exist in Active Directory, the following message will be displayed:

“If the information is correct, an email will be sent with instructions.”

4. The application will validate the corresponding configurations and, if the criteria are met, will schedule an email to be sent using the template Password reset. This email will include a link to a One-time access token which will allow the user to continue with the management. The mail will be sent to the primary or alternate address registered in the ASDK database.

⚐ Notes:

Sending emails depends on the correct configuration of the SMTP server. Verify that it is enabled and accessible from the application server.

If the user doesn’t receive the email, verify that they have a primary or alternate address registered and that it’s associated with self-service in the Admin console.

The lifetime of the access token is defined from the Admin console, in the Token validity time, within the Configuration.

5. Once the user accesses the link received, they will be redirected to the form Security Questions, where you can register (or update) an alternate email and fill out the answers to the selected questions.

⚐ Notes:

If the user already has registered questions, they must answer them when entering from the link. If you want to change them, you will need to request your administrator to remove them from the Aranda PassRecovery.

If the user signs in with an expired or already used token, the alert will be displayed: Token validation error.

6. Once you have filled out the required information, click on the Save. The alert will be displayed:

“The answers were set up correctly. If the information is correct, an email will be sent with the instructions.”

If not, validate the configuration and try again.

⚐ Note:

Set up a Alternate mail It will allow the user to recover their password even if they cannot access their main mail.

7. The application will schedule the sending of a new email using the Password reset, with a link that includes a One-time access token. The mail will be sent to the main and alternate addresses on file.

⚐ Note:

If both email addresses (primary and alternate) are the same, only one email will be sent.