Previous Topic: Verify a User AttributeNext Topic: Configure a Failed Attempt Limit


Lock the Forgotten Password Reset or Forgotten User ID Task

To secure the Forgotten Password Reset or Forgotten User ID task, you can limit the number of failed verification attempts a user makes. Once a user exceeds the failed attempt limit, the task locks, and the user can no longer access it.

You can determine what CA IdentityMinder considers a failed verification attempt. The definition of a failed attempt may be very strict, such as answering one verification question incorrectly, or more lenient to allow for mistakes, such as mis-typing an answer.

Note: You can also configure CA IdentityMinder to lock the Forgotten Password Reset or Forgotten User ID task after a specified number of successful verification attempts.This prevents users from using the Forgotten Password Reset or Forgotten User ID task instead of remembering login credentials.

More information:

Configure a Failed Attempt Limit

Configure a Successful Attempt Limit