Adaxes

Having MFA on forget password link

0 votes

Currently thought we have enabled MFA on self service policy, the MFA is only prompted for self-service login, but not for 'forget password link'

Is there a way when users use forget password link and try to reset their password, can we have mandatory MFA for this section.

by (460 points)
0

Hello,

What exactly do you mean by MFA here? The only options available for self-password reset verification are questions and answers, verification code (sent via email or SMS) and passcode generated by a mobile application (e.g. Google Authenticator). All the options can be enabled in the corresponding password self-service policy.

by (288k points)
0

Thank you for response, by MFA I mean the passcode verification method while users use "Forget Password Link"

Currently our password Self-Service policy has "Authenticator Mobile App" checked and set to Duo Mobile, but when users use "Forget Password" link they are only presented with Captcha and security Q&A set by them. Would like to have them enter passcode when they attempt to reset their forgotten password using "Forget Password" link.

by (460 points)

1 Answer

0 votes
by (288k points)
selected by
Best answer

Hello,

As you already have the Authenticator mobile app verification option enabled in the Password self-service policy settings, now you need to have your users re-enroll for Password self-service. It can be done by logging in to the Web interface and using the corresponding option on a card or in my menu. image.png

Related questions

0 votes
1 answer
Users using Forget password link in self service portal are prompted to change password again

We have implentend Adaxes in our infrastructure and users who use forget their password link via Adaxes self service portal by going thorugh the registered Q&A are being prompted to ... by a specific business rule, I am unable to check this via the log

asked Mar 14, 2023 by Vish539 (460 points)
0 votes
1 answer
Change password link not accepting username entry?

Using the Password expiration built-in scheduled task, I include the link into the /AdaxesSelfService/ChangePassword.aspx file - however it doesn't let a user put in their username ... old and new password fields fine, but can't get the username field to pull.

asked Mar 28, 2013 by danftasc (440 points)
0 votes
1 answer
Is it possible to use existing company MFA for password self-service?

Hi! In 2019.2 new feature was introduced to use Microsoft Authenticator to validate the password self-service. Is it possible to connect it to existing MFA in ... Authenticator - one company account and another one generated by Adaxes after enrollment. Thanks!

asked Oct 30, 2019 by Dmytro.Rudyi (920 points)
0 votes
1 answer
What Graph permissions are needed to report on "MFA Jail" users.

The Adaxes service account is a global admin, and we have already granted audit reporting to look for the lockout events, but I cannot pull the logs via the Adaxes service. I am ... enterprise app to pull this data? Or is there a better way to find this info.

asked Apr 21, 2023 by DA-symplr (100 points)
0 votes
1 answer
Is there a way for Adaxes to use Microsoft 365 user profile pictures instead of having to select a file per user?

Is there a way for Adaxes to use a user's Microsoft 365 profile pictures instead of having to select a file on a per user basis?

asked Feb 1 by keneth.figueroa (20 points)
3,538 questions
3,229 answers
8,224 comments
547,748 users