A password can be reset when a user forgets a password
or requests a password change. The password policy defines the behavior
in case of password resets.
You can reset
passwords by configuring:
- Secret questions and answers—Questions can be configured in the
password policy for user authentication and on success, password can
be reset or changed. Repeated wrong answers lock users out. Secret
questions act akin to passwords for handling user authentication.
- Using protocols such as e-mail, SMS or any other protocol. You
can configure any protocol as applicable.
An e-mail can be sent to users when:
- A password is changed or reset.
- An answer to a secret question is given or changed.