Adaxes

Question and Answer Enrolment Data Storage

0 votes

Hi All,

I see that Adaxes uses a local SQLite database for logging. However when a user enrols for password resets using a question and answer based authentication, where is this data stored and how is or can it be protected?

All of this data is obviously personal data, some more sensitive than others so I was just wondering how it is handled?

Thanks,

by (440 points)

1 Answer

+2 votes
by (14.1k points)
selected by
Best answer

Hello!

For security considerations, answers to security questions are not stored explicitly, only hash codes of the answers are stored in AD LDS which is used as Adaxes backend. The information is secured by means of AD LDS itself.

Related questions

0 votes
1 answer
How to use ADSI script to validate a user answer to his question?

We try to use ADSI scripting to automate some tasks using Adaxes 2023. One such task is to try to check whether an answer provided by a user to his question is correct or not. ... . But I do not see an easy way to do this using ADSI script and/or interfaces.

asked Oct 22 by gfang (20 points)
0 votes
1 answer
Scheduled task enrolment email using adm-PasswordSelfServiceEnrollmentPolicyDN

Hi Team I am testing out a scheduled task to send out an email for password self service enrolment and located a previous question which suggested using the adm- ... or has the state of a users self service enrollment moved to another property?

asked Feb 26, 2021 by Richard_NRL (90 points)
0 votes
1 answer
Challenge Questions storage

Hello, Where are the challenge questions and answers stored? Active Directory? Or somewhere else? Also, are the questions and/or answers encrypted in any way? Thanks for the assistance.

asked Aug 19, 2013 by ColdFusion02 (20 points)
0 votes
1 answer
Can you clarify the answer as it's a bit confusing? Will there be new major release available this month?

Can you clarify the answer as it's a bit confusing? Will there be new major release available this month?

asked Nov 17, 2022 by ColinB (180 points)
0 votes
1 answer
I suspect the answer is no, is the system able to produce a report for weak passwords?

We are trying to do a report on weak passwords, but i dont think adaxes is able to?

asked Mar 16, 2022 by marcwoollard (40 points)
3,548 questions
3,238 answers
8,232 comments
547,811 users