Adaxes

Having MFA on forget password link

0 votes

Currently thought we have enabled MFA on self service policy, the MFA is only prompted for self-service login, but not for 'forget password link'

Is there a way when users use forget password link and try to reset their password, can we have mandatory MFA for this section.

by (480 points)
0

Hello,

What exactly do you mean by MFA here? The only options available for self-password reset verification are questions and answers, verification code (sent via email or SMS) and passcode generated by a mobile application (e.g. Google Authenticator). All the options can be enabled in the corresponding password self-service policy.

by (295k points)
0

Thank you for response, by MFA I mean the passcode verification method while users use "Forget Password Link"

Currently our password Self-Service policy has "Authenticator Mobile App" checked and set to Duo Mobile, but when users use "Forget Password" link they are only presented with Captcha and security Q&A set by them. Would like to have them enter passcode when they attempt to reset their forgotten password using "Forget Password" link.

by (480 points)

1 Answer

0 votes
by (295k points)
selected by
Best answer

Hello,

As you already have the Authenticator mobile app verification option enabled in the Password self-service policy settings, now you need to have your users re-enroll for Password self-service. It can be done by logging in to the Web interface and using the corresponding option on a card or in my menu. image.png

Related questions

0 votes
1 answer
Users using Forget password link in self service portal are prompted to change password again

We have implentend Adaxes in our infrastructure and users who use forget their password link via Adaxes self service portal by going thorugh the registered Q&A are being prompted to ... by a specific business rule, I am unable to check this via the log

asked Mar 14, 2023 by Vish539 (480 points)
0 votes
1 answer
Adaxes support removing on-prem exchange while still having on-prem AD and Entra Id Connect Sync

I am trying to get a better understanding of how all this works, so forgive me if some of these questions don't make sense. We are trying to remove our final Exchange On ... to the cloud, then I would need to keep our last on-prem exchange server running?

asked Jan 9 by emeisner (120 points)
0 votes
1 answer
Change password link not accepting username entry?

Using the Password expiration built-in scheduled task, I include the link into the /AdaxesSelfService/ChangePassword.aspx file - however it doesn't let a user put in their username ... old and new password fields fine, but can't get the username field to pull.

asked Mar 28, 2013 by danftasc (440 points)
0 votes
1 answer
Is it possible to use existing company MFA for password self-service?

Hi! In 2019.2 new feature was introduced to use Microsoft Authenticator to validate the password self-service. Is it possible to connect it to existing MFA in ... Authenticator - one company account and another one generated by Adaxes after enrollment. Thanks!

asked Oct 30, 2019 by Dmytro.Rudyi (920 points)
0 votes
1 answer
What Graph permissions are needed to report on "MFA Jail" users.

The Adaxes service account is a global admin, and we have already granted audit reporting to look for the lockout events, but I cannot pull the logs via the Adaxes service. I am ... enterprise app to pull this data? Or is there a better way to find this info.

asked Apr 21, 2023 by DA-symplr (100 points)
3,606 questions
3,293 answers
8,343 comments
548,458 users