Assign Challenge Questions to Password Policies

Once a pool of Password Challenge questions has been created, you can assign those questions to any Password policies that have been configured in EmpowerID.

To assign challenge questions to a password policy

  1. Log in to the EmpowerID Web application as an administrator.
  2. From the Navigation Sidebar, navigate to the Password Manager Policies management page by expanding Admin > Policies and clicking Password Manager Policies.
  3. From the Policies tab of the Password Manager Policies management page, search for the policy to which you want to assign the challenge questions and then click the link for that policy in the Policies grid.
  4. This opens the View page for the policy. View pages allow you to view details about an object in EmpowerID and make changes to those objects as needed.

  5. From the View page, click the Edit link for the policy. Edit links have the Pencil icon.
  6. From the View page for the policy that appears, click the Questions tab to display the pool of questions currently assigned to the policy, if any.
  7. Click the Add New (+) button located just above the Questions grid.
  8. In the Question Information dialog that opens, do the following:
    1. Select the question you want to add to the policy from the Question drop-down.
    2. Select the type of question from the Question Type drop-down. Question types include:
      • Required - A question marked as required will always be asked during the enrollment in addition to the number of selectable questions specified.
      • Selectable - A question marked as selectable will be presented as one of the possible questions from which a user can select during the enrollment process.
      • Helpdesk - A question marked as helpdesk will be asked during the enrollment process and is used exclusively by the helpdesk staff in the “Helpdesk Password Reset” workflow. These questions are not presented to the user during password reset operations. If the user calls the helpdesk for assistance with password reset, the Helpdesk would ask the user these questions over the phone to provide identity verification.
      • Custom - A question marked as custom will allow the user to enter a custom question and answer during the enrollment process.
    3. Tick Must answer Correctly if this question is presented during the password reset process. This option sets an absolute requirement regardless of the requirement for the number of correct answers as specified in the policy. In the user interface of the Password Reset Center, if the user is randomly presented with this question, the user cannot proceed past this question until it is correctly answered. An incorrect answer to this type of question automatically counts as a failed attempt.
    4. Type the minimum number of characters for the answer to this question in the Minimum Length field.
    5. Click Save.
  9. Repeat step 7 above for each question you want to add to the policy.